www.urdupoint.com Open in urlscan Pro
172.67.68.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3otDDFI
Effective URL:
https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Submission: On February 08 via manual (February 8th 2022, 9:39:54 pm UTC) from US — Scanned from DE

Summary HTTP 444 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 89 IPs in 11 countries across 54 domains to perform 444 HTTP transactions. The main IP is 172.67.68.78, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.urdupoint.com. The Cisco Umbrella rank of the primary domain is 177339.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2021. Valid for: a year.

This is the only time www.urdupoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
11	172.67.68.78 172.67.68.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.84 143.204.98.84	16509 (AMAZON-02) (AMAZON-02)
7	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	52.29.60.125 52.29.60.125	16509 (AMAZON-02) (AMAZON-02)
1 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	35.156.230.193 35.156.230.193	16509 (AMAZON-02) (AMAZON-02)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.17 143.204.98.17	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f16:bc:... 2600:1f16:bc:1201:ba55:a298:fa7e:df1f	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 79	104.94.242.154 104.94.242.154	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
1 2	108.157.4.80 108.157.4.80	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
8	3.214.202.18 3.214.202.18	14618 (AMAZON-AES) (AMAZON-AES)
2	23.209.68.8 23.209.68.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	144.76.128.227 144.76.128.227	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
9 11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
6 11	92.122.254.129 92.122.254.129	16625 (AKAMAI-AS) (AKAMAI-AS)
6 8	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
5	68.67.179.135 68.67.179.135	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:f7:... 2a02:26f0:f7:197::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
3	92.122.254.4 92.122.254.4	16625 (AKAMAI-AS) (AKAMAI-AS)
39	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 9	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.248.224.58 34.248.224.58	16509 (AMAZON-02) (AMAZON-02)
1	92.122.253.36 92.122.253.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:12d... 2a02:26f0:12d:5ac::1ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	95.217.58.251 95.217.58.251	24940 (HETZNER-AS) (HETZNER-AS)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2.20.164.14 2.20.164.14	16625 (AKAMAI-AS) (AKAMAI-AS)
5	92.122.252.114 92.122.252.114	16625 (AKAMAI-AS) (AKAMAI-AS)
13	92.122.255.233 92.122.255.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.72 143.204.98.72	16509 (AMAZON-02) (AMAZON-02)
1 2	52.50.160.17 52.50.160.17	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
4	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1	18.135.229.166 18.135.229.166	16509 (AMAZON-02) (AMAZON-02)
1	18.135.139.107 18.135.139.107	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:2a00:17:8296:f1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:215... 2600:9000:2156:4400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.5 143.204.98.5	16509 (AMAZON-02) (AMAZON-02)
6	52.203.104.151 52.203.104.151	14618 (AMAZON-AES) (AMAZON-AES)
1 2	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4	34.242.207.34 34.242.207.34	16509 (AMAZON-02) (AMAZON-02)
1	18.196.18.182 18.196.18.182	16509 (AMAZON-02) (AMAZON-02)
1	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	204.237.133.120 204.237.133.120	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a05:d018:d29... 2a05:d018:d29:3602:e939:2a3d:aa5a:940c	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	23.209.68.245 23.209.68.245	16625 (AKAMAI-AS) (AKAMAI-AS)
444	89

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.68.78 (United States)

ASN13335 (CLOUDFLARENET, US)

www.urdupoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
photo-cdn.urdupoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-84.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.60.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-60-125.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

urdupoint-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.230.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:bc:1201:ba55:a298:fa7e:df1f (Columbus, United States)

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

79 104.94.242.154 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-242-154.deploy.static.akamaitechnologies.com

cdn.inskinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video.inskinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t.inskinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.80 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-80.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.214.202.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-202-18.compute-1.amazonaws.com

mfad.inskinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.209.68.8 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-68-8.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.128.227 (Remscheid, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap16.adplayer.pro

player.urdupoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 92.122.254.129 (Schiphol, Netherlands) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-254-129.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.87 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.135 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7:197::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.122.254.4 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-254-4.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.4.10.49 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.224.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-224-58.eu-west-1.compute.amazonaws.com

t.illuma-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.253.36 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-253-36.deploy.static.akamaitechnologies.com

cdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:12d:5ac::1ec4 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.insightexpressai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 95.217.58.251 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.251.58.217.95.clients.your-server.de

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.164.14 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-164-14.deploy.static.akamaitechnologies.com

video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 92.122.252.114 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-252-114.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 92.122.255.233 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-255-233.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inskinmedia689754970364.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-72.fra50.r.cloudfront.net

cdn.lamp.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.160.17 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-160-17.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.229.166 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-229-166.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.139.107 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-139-107.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2a00:17:8296:f1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.mfad.inskinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:4400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-5.fra50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.203.104.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-104-151.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.242.207.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.18.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-18-182.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.237.133.120 (Philadelphia, United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:e939:2a3d:aa5a:940c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.209.68.245 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-68-245.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	inskinad.com 1 redirects cdn.inskinad.com — Cisco Umbrella Rank: 44483 t.inskinad.com — Cisco Umbrella Rank: 46502 mfad.inskinad.com — Cisco Umbrella Rank: 25348 video.inskinad.com — Cisco Umbrella Rank: 220404 cdn.mfad.inskinad.com — Cisco Umbrella Rank: 161893	3 MB
68	criteo.net static.criteo.net — Cisco Umbrella Rank: 645 pix.eu.criteo.net — Cisco Umbrella Rank: 7730 csm.eu.criteo.net — Cisco Umbrella Rank: 7881	649 KB
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	240 KB
36	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 ad.doubleclick.net — Cisco Umbrella Rank: 195 pubads.g.doubleclick.net — Cisco Umbrella Rank: 462	229 KB
18	pubmatic.com vpaid.pubmatic.com — Cisco Umbrella Rank: 5222 ads.pubmatic.com — Cisco Umbrella Rank: 473 image6.pubmatic.com — Cisco Umbrella Rank: 595 vid.pubmatic.com — Cisco Umbrella Rank: 7994 simage2.pubmatic.com — Cisco Umbrella Rank: 552 image4.pubmatic.com — Cisco Umbrella Rank: 848 image2.pubmatic.com — Cisco Umbrella Rank: 1032 aktrack.pubmatic.com — Cisco Umbrella Rank: 924	87 KB
14	stat-rock.com serving.stat-rock.com — Cisco Umbrella Rank: 21930	425 KB
13	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370 ads.eu.criteo.com — Cisco Umbrella Rank: 7925 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10834 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	179 KB
12	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 461 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590 as-sec.casalemedia.com — Cisco Umbrella Rank: 1285	11 KB
12	urdupoint.com www.urdupoint.com — Cisco Umbrella Rank: 177339 photo-cdn.urdupoint.com — Cisco Umbrella Rank: 796796 player.urdupoint.com	239 KB
11	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 556 static.adsafeprotected.com — Cisco Umbrella Rank: 533 dt.adsafeprotected.com — Cisco Umbrella Rank: 484	97 KB
11	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 32669 hal90001.redintelligence.net — Cisco Umbrella Rank: 277782	21 KB
10	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 467 video-ads.rubiconproject.com — Cisco Umbrella Rank: 6942 optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4143	30 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 361 geo.moatads.com — Cisco Umbrella Rank: 606 mb.moatads.com — Cisco Umbrella Rank: 561 px.moatads.com — Cisco Umbrella Rank: 391	109 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 241 secure.adnxs.com — Cisco Umbrella Rank: 404	8 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 418 ajax.googleapis.com — Cisco Umbrella Rank: 293	385 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	302 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19799 api.webgains.io — Cisco Umbrella Rank: 60455	102 KB
6	moatpixel.com inskinmedia689754970364.s.moatpixel.com — Cisco Umbrella Rank: 120158	2 KB
6	adnxs-simple.com nym1-ib.adnxs-simple.com — Cisco Umbrella Rank: 17587 cdn.adnxs-simple.com — Cisco Umbrella Rank: 27002	37 KB
6	teads.tv a.teads.tv — Cisco Umbrella Rank: 1286 s8t.teads.tv — Cisco Umbrella Rank: 3189 t.teads.tv — Cisco Umbrella Rank: 2400	133 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	111 KB
5	openx.net 1 redirects urdupoint-d.openx.net u.openx.net — Cisco Umbrella Rank: 710 rtb.openx.net — Cisco Umbrella Rank: 1548	916 B
4	webgains.com track.webgains.com — Cisco Umbrella Rank: 44883	92 KB
4	gstatic.com fonts.gstatic.com	85 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	40 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	19 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	2 KB
3	adtelligent.com 1 redirects ghb.adtelligent.com — Cisco Umbrella Rank: 5988 sync.adtelligent.com — Cisco Umbrella Rank: 2849	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	98 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	991 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 560	745 B
2	adform.net 1 redirects c1.adform.net — Cisco Umbrella Rank: 608	949 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2366	23 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 250175	2 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	734 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 6427 certify.alexametrics.com — Cisco Umbrella Rank: 3682	3 KB
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770	518 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 745	612 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 316	66 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 6679	351 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	17 KB
1	avct.cloud cdn.lamp.avct.cloud — Cisco Umbrella Rank: 35711	13 KB
1	insightexpressai.com secure.insightexpressai.com — Cisco Umbrella Rank: 1233	2 KB
1	illuma-tech.com t.illuma-tech.com — Cisco Umbrella Rank: 6084
1	google.de adservice.google.de — Cisco Umbrella Rank: 8028	792 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 1799	161 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 600	346 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1366	5 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4192	406 B
444	54

	Domain	Requested by
78	cdn.inskinad.com	1 redirects www.urdupoint.com cdn.inskinad.com
39	pix.eu.criteo.net	ads.eu.criteo.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.urdupoint.com 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com googleads.g.doubleclick.net
23	static.criteo.net	www.urdupoint.com ads.eu.criteo.com static.criteo.net
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com srcdoc
15	securepubads.g.doubleclick.net	www.urdupoint.com securepubads.g.doubleclick.net www.googletagservices.com
14	serving.stat-rock.com	player.urdupoint.com
11	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	t.inskinad.com	cdn.inskinad.com
9	hal90001.redintelligence.net	2 redirects 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com hal90001.redintelligence.net
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	mfad.inskinad.com	cdn.inskinad.com www.urdupoint.com mfad.inskinad.com
8	www.googletagservices.com	securepubads.g.doubleclick.net 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
8	photo-cdn.urdupoint.com	www.urdupoint.com
7	fastlane.rubiconproject.com	www.urdupoint.com
6	dt.adsafeprotected.com
6	inskinmedia689754970364.s.moatpixel.com
6	px.moatads.com
6	csm.eu.criteo.net	ads.eu.criteo.com
6	111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	nym1-ib.adnxs-simple.com	cdn.inskinad.com nym1-ib.adnxs-simple.com cdn.adnxs-simple.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	simage2.pubmatic.com	ads.pubmatic.com
4	api.webgains.io	analytics.webgains.io
4	track.webgains.com	hal90001.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
4	googleads.g.doubleclick.net	111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com www.urdupoint.com
4	fonts.googleapis.com	securepubads.g.doubleclick.net cdnjs.cloudflare.com
4	www.google.com	tpc.googlesyndication.com 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	www.urdupoint.com c.amazon-adsystem.com
4	cdnjs.cloudflare.com	www.urdupoint.com ads.eu.criteo.com
3	image2.pubmatic.com	ads.pubmatic.com
3	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com www.urdupoint.com
3	t.teads.tv
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
3	rtb.nl.eu.criteo.com	www.urdupoint.com
3	urdupoint-d.openx.net	1 redirects www.urdupoint.com
3	www.googletagmanager.com	www.urdupoint.com adv.office-partner.de
3	www.urdupoint.com	www.urdupoint.com static.cloudflareinsights.com
2	aktrack.pubmatic.com
2	ups.analytics.yahoo.com	2 redirects
2	match.adsrvr.org	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	sync.adtelligent.com	1 redirects
2	analytics.webgains.io	track.webgains.com
2	script.4dex.io	serving.stat-rock.com script.4dex.io
2	ajax.googleapis.com	hal90001.redintelligence.net
2	pixel.adsafeprotected.com	1 redirects cdn.inskinad.com
2	vpaid.pubmatic.com	player.urdupoint.com
2	video-ads.rubiconproject.com	player.urdupoint.com
2	imasdk.googleapis.com	player.urdupoint.com imasdk.googleapis.com
2	adv.office-partner.de	hal90001.redintelligence.net
2	ad.doubleclick.net	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	hal9000.redintelligence.net	111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
2	a.teads.tv	securepubads.g.doubleclick.net s8t.teads.tv
2	sb.scorecardresearch.com	1 redirects www.urdupoint.com
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	idsync.rlcdn.com	ads.pubmatic.com
1	vid.pubmatic.com	vpaid.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	optimized-by.rubiconproject.com	video-ads.rubiconproject.com
1	rtb.openx.net
1	t.trafmag.com
1	u.openx.net	www.urdupoint.com
1	as-sec.casalemedia.com	serving.stat-rock.com
1	cdn.jsdelivr.net	serving.stat-rock.com
1	cdn.mfad.inskinad.com
1	mb.moatads.com	z.moatads.com
1	geo.moatads.com	z.moatads.com
1	s0.2mdn.net	imasdk.googleapis.com
1	video.inskinad.com
1	cdn.lamp.avct.cloud	cdn.inskinad.com
1	z.moatads.com	cdn.inskinad.com
1	mug.criteo.com	gum.criteo.com
1	secure.insightexpressai.com
1	cdn.adnxs-simple.com	nym1-ib.adnxs-simple.com
1	t.illuma-tech.com	nym1-ib.adnxs-simple.com
1	secure.adnxs.com	nym1-ib.adnxs-simple.com
1	s8t.teads.tv	a.teads.tv
1	player.urdupoint.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.urdupoint.com
1	certify.alexametrics.com	www.urdupoint.com
1	htlb.casalemedia.com	www.urdupoint.com
1	hb.emxdgt.com	www.urdupoint.com
1	tlx.3lift.com	www.urdupoint.com
1	ghb.adtelligent.com	www.urdupoint.com
1	bidder.criteo.com	www.urdupoint.com
1	certify-js.alexametrics.com	www.urdupoint.com
1	static.cloudflareinsights.com	www.urdupoint.com
1	bit.ly	1 redirects
444	104

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
pinterest.com
www.linkedin.com
www.youtube.com
www.instagram.com
www.pakistanpoint.com

Subject Issuer	Validity	Valid
urdupoint.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
cdn.inskinad.com DigiCert SHA2 Secure Server CA	`2021-08-05` - `2022-08-05`	a year	crt.sh
t.inskinad.com GTS CA 1D4	`2022-01-08` - `2022-04-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
mfad.inskinad.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
player.urdupoint.com R3	`2021-12-19` - `2022-03-19`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
illuma-tech.com Amazon	`2021-07-01` - `2022-07-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.insightexpressai.com DigiCert SHA2 Secure Server CA	`2021-05-07` - `2022-05-12`	a year	crt.sh
serving.stat-rock.com R3	`2021-12-26` - `2022-03-26`	3 months	crt.sh
adv.office-partner.de R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
cdn.lamp.avocet.io Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
cdn.mfad.inskinad.com Amazon	`2021-03-27` - `2022-04-25`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh

This page contains 48 frames:

Primary Page: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Frame ID: 308F103CD08A7889BBBBF44C11B6ECDA
Requests: 87 HTTP requests in this frame

Frame: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F176EE6C451ABCDFE6AA02C5A7960733
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuR0mt4CYbFVO8a8957_9iV1MQcIeXN4JxO03AtU7fvPn1oF84GKxpTrJZWuAKZ44LHsQuaYDOZXTboHbrS-znhw7a3iuv-7r0QbxPThHS5ICTpfM5i9dc0nlECYnouYSFcGNSzb7IpcVRvKgCBvfbEJ4thu2VyvOjqTs1bzOglFG-t0_j0c-4JcL-vWCXl1pTxABt8IDBObMV2T6ud5Q9C5ub8Qu_QjmeCSF7voWxm-liI7t8NkQaLfv-GRs4Dlo3yGpqEhFnSjD7gRWWYItMmlAd-JgKsWAVumUimMxM4Kk&sai=AMfl-YRXgsfU74UkrxWjrkX5CdO12oY-aS_tBUqqT6fXM5DFxrwDlbNhha4_KW9s4-Jb1jmP2izSjdJioXcsNy_RsAwuCrLrLg0ZZjZxezHAtsImEDAa0FBWeE-ZN7IDvCw&sig=Cg0ArKJSzL6XMnJtPYerEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5FAE81FB6D35474D015A592FDEE8C86B
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB2313EDF41FAFCC9E64201E14142578
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E1C289F7A4AECF25EAF1A72F0C1CF30
Requests: 2 HTTP requests in this frame

Frame: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B9CA94DA603BFE2959E7F2B6443D1337
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp8dlBiz9lavpSUBcjKG4DpRyw7PYKWv44feSmFF6bImLNPwYC2Cuv50Yy-1bBwpSUifuO20fHFfERRnntoY5kHdoMeycRKN89DUY41m9CW_hEFF-pUHc_1-H4JfCQ4JeEuWjNJcLT7B3pSPGN-71okRgrjiEntsFzphNnn5pkw-Ydgae6yik-JDW4JmrkIsYrZthl_i7T75r7NYCHdvz9iSvfg8msr16mQBwVfnc91fRe1cgUpjoqeaAxh12tZX0hJlDBeuPYKs7I6o3YoaIeAmPsFAGAVwYHtONwkDELonODwhQhVD0--z5SlOGTo9vY&sai=AMfl-YSRuyvLRce4kqUg-ELk0uUo0CRGFAIZEAR2weAljweUrHh5-gy67KjFWFu7jP6wbyR6Aj7jzYkklixcN86moHT1AGDTGB6m7dJUZtOJ0BlMX2Uu1H3WbdVrcTCHpQ_s&sig=Cg0ArKJSzPDsaHsJFrDMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 727EC2AC7132DA0EBA2704EB55EE68C5
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv43RV61RAK_BQLttRlyOHX5qZMu0PB9ggPoN8UccxqCwDZGmfAIaV8be4xX25mxmAfuVvaYswuakzhi0xmGBwhQ8Tc-tl6eKTUPFGKkuJXbAe5BKA74JaVO7VsHpdmskhg91tq-L_suBboHjoqpxYso_jG3noV4sZpdbwe1G3naKCM2J_AP6Aej-CxolB2slD9xFSJzKtSlVc3KmyWsvKZh7UtUwrqlECLwQ18frwQopUBtM9PSbPY9FJ1IySwmINAchKWylGz0FnuRbi9Wq4rJVB27OvkgyFgqXpc16jyuTsIINs&sai=AMfl-YR8HZSdCURZ-bcUv-9YAW-REc8FHcfomcV_t6VmTcz5b_O5QBSDoIyujOqstc60ksE4C5_n7lapYF_9NLSoJQ8mxWDJJ16-dQu9umgEf4W2pQYmimwedRfY4IV5NFWf&sig=Cg0ArKJSzJCFT2P8AKHdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D89A70E0646C01C63B7B994F64DDE90C
Requests: 26 HTTP requests in this frame

Frame: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FFAB66D24E7BFD0BADE4FDD16153AC29
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 6F03130F27D814B289E6726308AF18A5
Requests: 15 HTTP requests in this frame

Frame: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 532A8BAC5AF89FE846403AB5BA1213A9
Requests: 10 HTTP requests in this frame

Frame: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FC84D071912E82848A16ACCAE1B54A29
Requests: 8 HTTP requests in this frame

Frame: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B4E0A3C239C3C8FD2346C409C8C9CF4
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruEK5VSkAAxKbxmdH_mrPOxaQQck4Q&u=%7CKRsYBkgTaOezxU118dZuXmKK4zJ6w70aoQVFYHdpN2Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2BDP94ms9lfiEN1F7qYpgGWWkF9lIHFV4AtrLB0CJGs5YbcuFPUVkC6WaNSvk7UBtCj3hDhD0VZgzCPWv2OfDlKCVEfwSV38N7oombTlC_gwp6MMUH4hTnzMmJLNBsidMynBCgshYGCaGgpYh9JRsxTajEWod4nfHK4dW0aZoBMITQiG6FKY-ZLTlktmDpzzxGc__T_zRLhvepPDBO2ZvddCF3kHSAySCKqhfkWGUrob5YvSV9qa8exzWdSWeK-ZdvjMFH95QF0BnGzCMxKj-eR7QW8OkLfRhDhSjAxmt7a_obevVqNBcfLG8DSB2ttx_CQvAWH9MX1PJSFi25N45m8Zggc5ULZkK2lntQrtEbSQoLU5RDj9Djnv7iJByFsOsolrPzUr9Kd8cHaAmNX0J4Cg6tqPHfBwk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv5HuIeMCYuHdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSaAk_Q5m0qdgBp4WPpJ8msk7ERbekxS4ONshbiMImPdm_KELeyVmJLrnhb6sTiaYNdDV4y7RiqM9hG0l1smemrNnbgLDJVS1gb4MhTFReDDFkSpv0ED00MvxdvYGhvo_llIfNrnEjXIDhAbO-nDwLWh13rPAl8V4DT8-R30I1Rwno57Hj-A4o6pUHXJDestD2g8CTiMETy6iPbnCyl0YxMVJM0nuAKntl2Qlq6eSJb0TICn_oB8sLeBu5Vp6wr1Whn4lZ1OcLawkwekYiBcUHRDeZD-UBc9cUp4vy_5Wb6HXd9FtOYeN02Yi23rSFBvWiqx_o_QbCcylZp_Zo2btk3PKGaQRD618ShJEZbDEprzIhqtVPOeKaXoxXTcOAEAYAG8oilvauC64fJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uJGsQIJ2Ti0pr-DC6fKTEB-NERw%26client%3Dca-pub-2880359506957066%26adurl%3D
Frame ID: DD7432C2A9918BA58DC2E7771076D77B
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNXm2smzHu8LZjF07_xRzb7cidpDMaYy1WFvK0WxknxwqGocrxw99jSqPRnYpMrW4h_puSn7yZEUjKpYoTx7rqhTTG3CHPE-EMhbFnE-1MAL17qOuC1bP3ShXJ2maQqkOKnG9E6bRLLnmaTYgsPEN8Mj6oC7SZI44BlIDuG55YUTfyBJmrI
Frame ID: 4DEFC55D101B1ABFF90B58F48002CDD8
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruQK5VSkAAxKb4D8OZGruILaEoRiPA&u=%7CKRsYBkgTaOemT8TvUVy8DChR1b0jpsvRmUhzkURNoak%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcX8JuE2Nok2HCYuMm4Kp5oz49sKanr2hO_Anus_7YH6kRHH5_-6Llhj8L2XUSPPbvEDH_dm7Dee0tmNncCrclMwAzbWRGHtVfu_2wv7ChKG6s1yuWHEqkjj7cH9fA7Aftq4KOhSwNp8LHeYLF9VLpLjf2OE2U2B9M6s2Kv_kDzJPujz8m1q49dZB2xaEu3MjszgIci1bb8IRk5aqQ9BuP-jJDNuLKZ_JWY3u3o5hJgsg9OvnAWEfofN7rXqe_7fAZXJGBDW1hEjW8pCjxQy1XSiGe9vdQ_vb-V8Phyjd6ILhhGdCn2ENbbO6PUvvodfLhGe9Cyh29ZAKOfabfx7vOHbw1THC0GcESFaGc3RJ0I6HhGuwwGV80MdXayfBRVdxhHKNm_ILyFPY4WhmGs7EiPcCqarlAoPk8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL7nxIeMCYuTdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSZAk_QM_rQe2YJEy8zC7LWMUe5UOlGfl1eK7JNnZ5dCa48aA0toHCUVzkws1YemD30I2YMB5H9q1ukE-doDnj7O9gX5ne2IUaFqmSdFS45nYpkymz1kFnZ5IYDW0AqifU3Jjnc-w0Kej3Kgs6gV-w0ENCb9ghNk86tT75bqxNTmeC7eJHUf3cNv2_hqmqLrr7jnmUnuHMl2avx4imVDZVdWmrm8x4nG2Zf32S0IghXdvrhSHnEN3f9f5QqTkij-1O4CghNzozzRyVn19Moe53N0XdRysN3d2OsNudYzby9p1DNLDI6pcPDDJKbl3PlrNgmIzzei4MKZtH1nYkTSsvYW_ia6F3CMdLk3o2FPSn0k0Kb6RoZHwB5HI-r4AQBgAbyiKW9q4Lrh8kBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ll8rpT37pb0NMFh_2BhFOd7MRcw%26client%3Dca-pub-2880359506957066%26adurl%3D
Frame ID: 7E80F65514FBBFF3CF59613CC26A5B5E
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruIK5VSkAAxKbxhg6TThnFcUvODZoQ&u=%7CKRsYBkgTaOezqm5Ynu7fIZki9tKU%2FTA3au%2FsaKD7vdk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2BDP94ms9lfiEN1F7qYpgGWWkF9lIHFV4AtrLB0CJGs7B1lIaAAz0gWh_i17wBKCal5W0QPbfNWe7BzOmyAAwwiTRy4LzxjqP_51b9xvuhMob7m7Ooavjsh689u5qy4Cq8oiw3WVYBHvjHckZFcXQss_Gi-Vnnep735aeXMoNuw0FnmrRvWhc-np6Pc1Jw9Z79uvoKjJTs0jUdTjelfbIJdbnmLGwxb3Qu3QHbPwUvt8jr9FlPQWnGb_iNyfatYZ1C-0CvAZnKUaQTU3-hjeyj3c6y_TZk-RjqcJi3TFu403ybRYwULHkEtpebWdVMjAlWK0CrTZdB74BCI_27bDoBKfcPhEYMx2upU01vbvlSmAI78kmxliKfmWZgAsgSbE5aILaD-D4y3rWw2yT0uDQ9Id9rxXrpSmo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9IhYIeMCYuLdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgScAk_Q4oGJy5QGd9iwnXC0QGL5JMLrzTpZrQYjibKLMJJttyVeNA5bRjkWSYvZt5vxhM1srmy5izEzUUyhx5LPFPlLkw3ol6SpFDVdL56DGkbpXyrNjkzk3ycqO5aMWR3d08_O-u6xCFM3X7MZITuW0VNKBfE5e-OB0qIgNrxZkOzTzThNCrjYx4vaMkQyXrKrsM6jBV_XOkr0HU6nOeo77BLIiBudXE0FZkOFbaHTtyXjr2EkIPVJK0c9bLWsG0EPaAeyBBBqMjoCS-FM4CF2_McKSwJneHRt4XpFvkWXfvRDCiuMb1xdNtdDcW9IR1Ak4gvX6Nn_jndLkc6wQ7xNN2niXJRbVM5mpDidYkV1D9fZ8TARawb-iqXSWcsU4AQBgAbyiKW9q4Lrh8kBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dE_izS2duAk1X0pkPwAXEuo1V1g%26client%3Dca-pub-2880359506957066%26adurl%3D
Frame ID: 3DDB16A91D79705C78A36F943561C873
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWRjbjWNvJLlMHNg9FxvP9X9DPK7UObyCmcUrIrVmNGjla0lTZ2_afnAvvV9DHLmEEnAsP_ZCCAalKzu5TZjpnYa1fj0HeD_PS7xeR5HFhW-9qexsbSzreT9jxAoEUmFxNOoKNb9tlYosiTxSV8YDx3hkd0ihBEhd-VMgOaoyIS1yY_fNQ
Frame ID: 168329E06B164C0E85F59C54CB4496EC
Requests: 5 HTTP requests in this frame

Frame: https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLSDmxSBwAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYDwmjhEOC7YAgDgApjxXOoCXGh0dHBzOi8vd3d3LnVyZHVwb2ludC5jb20vZW4vd29ybGQvcHV0aW4tYmlkZW4tYWdyZWUtc3RhdGUtb2YtcnVzc2lhbi11cy1jb29wZXItMTQyMTAzMy5odG1s8gIRCgZBRFZfSUQSBzQ4MDkwODPyAhIKBkNQR19JRBIIMTY5NzEzNTbyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWQgHNjdl1wDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IEBMIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEpT8ciAUBmAUAoAWxm-j_AaoFJDkwMzBlZTllLTZkYWQtNGQzZi04MzBlLTc0ZGJjYTdmNjA5M8AFAMkFAAAAAAAA8D_SBQkJAAUMdAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEF54ERBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FQQE9BQEQSGdBZ1EdEHBJZ0JBSkFCQUpvQkFnZ0GQBgCYBgCiBg8xMzIzMQn6IDQ0NDS4BgHBBgmlKPA_0AatRNoGFgoQCREZASFFGOAGAeoGOnXNFRg1ODE1MDE0NtkFAR3JFRA5MTQ1OTYdAEDyBgIIAIAHAYgHAKAHAboHDyEGABgpnCy9BkAAyAeEygXSBw01NAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=b351bdf59540cd2dbd2bee67a6b1e51c204a33f2&pp=21.6543
Frame ID: CB917006C5CF23DDB7503B6AACFC1430
Requests: 10 HTTP requests in this frame

Frame: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN572608.468584AMNETGROUP%2FB27050295.324629000%3Bdc_trk_aid%3D516909492%3Bdc_trk_cid%3D164277123%3Bord%3D1644356386228%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D0%3Bgdpr_consent%3D%3Bltd%3D%3F&tracker=true
Frame ID: 93F7BEF4F1479A95484E4D972AAA51D5
Requests: 2 HTTP requests in this frame

Frame: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fsecure.insightexpressai.com%2FadServer%2FadServerESI.aspx%3Fscript%3Dfalse%26bannerID%3D9846909%26rnd%3D1644356386230%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%3A%2F%2Fsecure.insightexpressai.com%2Fadserver%2F1pixel.gif&tracker=true
Frame ID: 29B8B974A734460A7D4EF7D88A006738
Requests: 2 HTTP requests in this frame

Frame: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fmfad.inskinad.com%2Fe.gif%3Fe%3DeyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6NDB9%26s%3DyqFo_2CjR38vlI3lIMAbjG6sT10&tracker=true
Frame ID: 006A408C7E31BED7EA700AD987FCA882
Requests: 2 HTTP requests in this frame

Frame: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Frame ID: AEBFCF0E9CB4F5D79DEEC79B00379AB9
Requests: 20 HTTP requests in this frame

Frame: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Frame ID: B0909086A9BF7E31F6D78059CD252FD2
Requests: 19 HTTP requests in this frame

Frame: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Frame ID: 76058BA9719179CDD177F14BA40B9C17
Requests: 9 HTTP requests in this frame

Frame: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Frame ID: 4AE254CAFDDEC21518B9B165ABE52DAA
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 24CA848025497A374807BD46AB3A2046
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1B05F9442433DE339E72D89AA253CDE4
Requests: 3 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=1476479&seg=26386575&t=1
Frame ID: 696E93E587C8D60D09AD02012593377C
Requests: 1 HTTP requests in this frame

Frame: https://t.illuma-tech.com/i?adv_id=4809083&auction_id=7009655512589407225&cpg_id=16971356&cp_id=0&referer_url_enc=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tag_id=22777846&creative_id=334783641&bid_price=160.50417&price_paid=26.478723&gdpr_applies=1&gpdr_consent_string=&use_cookies=0
Frame ID: A96B629121F9E54A5C56646AC9DCE380
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.urdupoint.com
Frame ID: 5D317A29631A96D1F6726F228B163749
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F1B0473DC22EF9E22CCEC8A69A8D9E89
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=36926100239878200757589011864001&a=383057c9
Frame ID: 91D57FC72253339C4AC075B839F4D153
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8734BD83F6DF9674B1E8709D0358CCB3
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d
Frame ID: FAE6F8E97B266D3ABBE387856E8B1311
Requests: 9 HTTP requests in this frame

Frame: https://serving.stat-rock.com/player/pb/3.21.0.js
Frame ID: BB9B23C31856EB33156594AEAFD1C2C5
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: FF8E8596F0F3466B5EC4490379FED797
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2389686E50DB7202919FFD4208C7F6AA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fmfad.inskinad.com%2Fe.gif%3Fe%3DeyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6MjAzfQ%26s%3DVzHod8dhotkh1_vxmzgvRbB9yMs&tracker=true
Frame ID: 3EF79DDB7C22F9B0E9437649F4186312
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 5AD6F0252F055877412CCDF0A2C73FB2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: D556C8B2DD216562078E9DD85B37F052
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31042.js
Frame ID: 7A8C91A44130273B3E52FD246632FF18
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=160046&siteId=769468&adId=3310873&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=224&vw=400&placement=3&vtype=0&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Frame ID: 5B8BCCCAB444000C581793B57DA61A9A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 345F773C3FDEF6F3ADE52C6CF218C862
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87DD1491-ABE6-4798-A854-3F0A426431A2
Frame ID: 0F7C56066DBE49B10BA4D7715073EF94
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgLjJgAEvkoDhQBB&gdpr=0&gdpr_consent=&_test=YgLjJgAEvkoDhQBB
Frame ID: AC7617D9DAC12A1E1DB570E7A8FDD8D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:df806202-e325-4500-98f2-36623b35d605&gdpr=0&gdpr_consent=
Frame ID: 2F101D902241BC90CDF8BB539AD7D544
Requests: 1 HTTP requests in this frame

Frame: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fmfad.inskinad.com%2Fe.gif%3Fe%3DeyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6MjA0fQ%26s%3DYfJpmWnSqwB5lYrnBETdRDAqwag&tracker=true
Frame ID: 57B4668F2F19D4F7BF64D171EF8BF19A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Putin, Biden Agree State Of Russian-US Cooperation Unsatisfactory - Kremlin - UrduPoint

Page URL History Show full URLs

http://bit.ly/3otDDFI HTTP 301
https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

444
Requests

94 %
HTTPS

36 %
IPv6

54
Domains

104
Subdomains

89
IPs

11
Countries

7264 kB
Transfer

15166 kB
Size

54
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/urdupoint.network

Search URL Search Domain Scan URL

URL: https://twitter.com/DailyUrduPoint

Search URL Search Domain Scan URL

URL: https://plus.google.com/+urdupoint

Search URL Search Domain Scan URL

URL: https://pinterest.com/urdupoint/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pakistanpoint-com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/urdupointcomofficial

Search URL Search Domain Scan URL

URL: https://www.instagram.com/urdupoint_com

Search URL Search Domain Scan URL

URL: https://www.pakistanpoint.com/
Title: PakistanPoint

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3otDDFI HTTP 301
https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js HTTP 302
https://cdn.inskinad.com/eu/isfe/4.1/js/integration/base.gz.js

Request Chain 48

https://sb.scorecardresearch.com/p?c1=8&c2=8331083&cs_ucfr=0&c3=1&c15=&cv=2.0&cj=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=8331083&cs_ucfr=0&c3=1&c15=&cv=2.0&cj=1

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1&C=1

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgLjIjzyOZ4dIQ6nWpMPQQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFgyjLeigPRQIBKaAk5n-sg&google_cver=1

Request Chain 132

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2ODA2NzY4MDU0Nzc3NjgzOQ%3D%3D

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1&C=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgLjIjzyOZ4dIQ6nWpMPQQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFgyjLeigPRQIBKaAk5n-sg&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2ODA2NzY4MDU0Nzc3NjgzOQ%3D%3D

Request Chain 187

https://hal90001.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f95149a646&subid=&uid=c2a79c70b775f2c1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2A-yIeMCYuPdCqSplQfvlLHoBt2t6Khgu4_f1IgK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBN8BT9CBSxgQ4NKmt0q_3siPDu1nct7A5dPlG4-MIokEsIVDZ4QlR0OgZmBCBEXlZkwIUDd8ORV5-srN6ZRLAlWUYcpL3EvTgUSpnb1H6a6zLcca4Ae17KB-9Zd4OBDfMgedcsHVsHFrd3EE_tU2ZYNdE-TcdTzhFkYOEK86tPcSbTCSi0NttDSRIQElXS5W_SonuaImuJ1bsuUPlp1i0_Ee1x1Rm8p_8Mge8o_6O2fLTGSfwIr5PuS3Ojf5aDv4egX18sv71ybmhYztZsBKpTjs8UV5h05XAj_JL1VZDtCGFMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw%26sig%3DAOD64_1Zo_mNtXVj1t6oWuM645kgx96CxQ%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-AuTl8iLKu7pS1ME5Tp7OnEIM7a2IcY1uVAmo6DTzcGg6Gjsn-cbLmDz0AFyvW7WeCi3uvxRI3fRg68kLQZmTe3twdbu5esbZoA_9pgJzIcOO4ArvpwQIQXquihsOaIs_mIP4yY7MIwrNOaJFyS2l4aEbtZ3w%26cry%3D1%26dbm_d%3DAKAmf-AxiufkYn11js9qP6mGn9LrZpqUJNKYDMWu9BP8vRXaUN3hFNuj9KbmoHcSL1Y1I-GH-0L6q7o7W5euKe-Ey1QxB-L9nZ1_6C_nq9WbqJqnmfJkXfkoH-tPOLIGNJgVttrzkpc4cCwOMk0hdPQkMLtL2dsFYa6SxEQyatnU3iX0bmoln8XptUoYYnPSlEv2co03m3QvfagrgkBEARuFjp-lZXWXBCNUrXrCwVQ_96204jmEmrWkt2q7YNCFJKbm60aHiDKdmNnCLe0CUiiYXWnY3a0PlQRT83gvt3jvQPPqi5Jo8H9kZUKvr7gj8IGDRDPIpLc17FgJactj8BEgpxKuD3qtFzT-GaAdFCdJRiQKqSCDHVerMWPzNfzk89JMc4a3vPQp4174VrC1B0Pv6Dlu0E9X3CaIFvgBDE1VgTAdswGaf_2xzrdzupVC7n1CHngRqjOspas2OTHlMi4pj4eGo3rvdoMRTjpej0f6asMY1bpQ5dSQwYGSlj4Z9yCL9SUK0CNwCijPXRcoqA9hLK8OOr9t8Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=9312583503684&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90001.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f95149a646&subid=&uid=c2a79c70b775f2c1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2A-yIeMCYuPdCqSplQfvlLHoBt2t6Khgu4_f1IgK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBN8BT9CBSxgQ4NKmt0q_3siPDu1nct7A5dPlG4-MIokEsIVDZ4QlR0OgZmBCBEXlZkwIUDd8ORV5-srN6ZRLAlWUYcpL3EvTgUSpnb1H6a6zLcca4Ae17KB-9Zd4OBDfMgedcsHVsHFrd3EE_tU2ZYNdE-TcdTzhFkYOEK86tPcSbTCSi0NttDSRIQElXS5W_SonuaImuJ1bsuUPlp1i0_Ee1x1Rm8p_8Mge8o_6O2fLTGSfwIr5PuS3Ojf5aDv4egX18sv71ybmhYztZsBKpTjs8UV5h05XAj_JL1VZDtCGFMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw%26sig%3DAOD64_1Zo_mNtXVj1t6oWuM645kgx96CxQ%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-AuTl8iLKu7pS1ME5Tp7OnEIM7a2IcY1uVAmo6DTzcGg6Gjsn-cbLmDz0AFyvW7WeCi3uvxRI3fRg68kLQZmTe3twdbu5esbZoA_9pgJzIcOO4ArvpwQIQXquihsOaIs_mIP4yY7MIwrNOaJFyS2l4aEbtZ3w%26cry%3D1%26dbm_d%3DAKAmf-AxiufkYn11js9qP6mGn9LrZpqUJNKYDMWu9BP8vRXaUN3hFNuj9KbmoHcSL1Y1I-GH-0L6q7o7W5euKe-Ey1QxB-L9nZ1_6C_nq9WbqJqnmfJkXfkoH-tPOLIGNJgVttrzkpc4cCwOMk0hdPQkMLtL2dsFYa6SxEQyatnU3iX0bmoln8XptUoYYnPSlEv2co03m3QvfagrgkBEARuFjp-lZXWXBCNUrXrCwVQ_96204jmEmrWkt2q7YNCFJKbm60aHiDKdmNnCLe0CUiiYXWnY3a0PlQRT83gvt3jvQPPqi5Jo8H9kZUKvr7gj8IGDRDPIpLc17FgJactj8BEgpxKuD3qtFzT-GaAdFCdJRiQKqSCDHVerMWPzNfzk89JMc4a3vPQp4174VrC1B0Pv6Dlu0E9X3CaIFvgBDE1VgTAdswGaf_2xzrdzupVC7n1CHngRqjOspas2OTHlMi4pj4eGo3rvdoMRTjpej0f6asMY1bpQ5dSQwYGSlj4Z9yCL9SUK0CNwCijPXRcoqA9hLK8OOr9t8Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=9312583503684&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 188

https://hal90001.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=5e63c7c593&subid=&uid=89bc405dce2c6405&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCV8PPIeMCYubdCqSplQfvlLHoBt2t6KhgqNy3x7kK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBNsBT9By3MCBzn0_nwDyrQrMyl8e-FX-ABo02zy35xJMUsTdYr9_63FZ28PAgSXrSehez6xzGRuMUt_1S82I2TVAvGCd17eD03_esO4A0Jts4V5g_58JPErGnzGfyec7xpeptKtPIMZh6kdrKt2jyfJY2Hz_4TIVV8C9COoP83xJsxOhEHZL2yoaWb7TW3gYxCapXJy0NEg6eLgTOpOicqk51DK1KUpT_IQWW26SiuuD7vvS5R204FREpAL7zSxoQB4b6DT8OkYZgs0Zbw55bmg25ZdcL-xwiCu3iks6wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw%26sig%3DAOD64_2VJkTRdFp-W8kyotsKYvWjhkPUBw%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-B5DhX-KtoNaT5obLZASzpeyfvo3kcpUrodxtk9AkBiMdJPlIqDEJNo_xYdwv3x_J_yWFf-szXDONOvM64R9M8XT6RQF5mFh6sAD71fiDS3LcYwVC9NP1QimGZLTq9_OptoECfCinfHJCRhhC_Gsvz2z5XFoQ%26cry%3D1%26dbm_d%3DAKAmf-Bw6Nnm_go5ZTKWCdXHLnqL53K_xzKPm0lUDvUXQVEBkXGfi7lpmWTN4CG3_nYqQid3G_jE7SkAcC3hwu3Ne2sceQXCpHPzWa2xgcTwgs8UZINy7rR0nryNIxbmWPZ1ZBADwoz01mvJezQcyFuaXVr2IK4tankdaWOXUCbHkSWn0SKdACiFix6nj2Ss9wuWiZoJSs2oZfBa0o_eItB-nBguAQkEju7PgaOAqxPSEk9m-JDs9XpVsnjRtOv07KAZxFWuRilvCaobXBlx4PnbIA2wOch5Ymk4QWNetSS3aT0NgAYd2ysMzjWvxUuFTFJq5z5ufHyUDvTFpvdyri19Au4H9X4px3HbVZL7mOIEXfFfb-5UR3c_W1319eLwTvhzAAZSLunTd9nzEX35Rm-L90Fjf4VxGkQrlIN29RarvNBmi5WrONnWsIJtbUmKmBosDRaQyR6po1P98-eWMWBubR8cSYoT7RRDOXMX-3syVwp3xXoNId03W3zs4JCsPOHr5FKuyJdaXou1FdRYnJEYMG3UkCuONQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=1327006203056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90001.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=5e63c7c593&subid=&uid=89bc405dce2c6405&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCV8PPIeMCYubdCqSplQfvlLHoBt2t6KhgqNy3x7kK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBNsBT9By3MCBzn0_nwDyrQrMyl8e-FX-ABo02zy35xJMUsTdYr9_63FZ28PAgSXrSehez6xzGRuMUt_1S82I2TVAvGCd17eD03_esO4A0Jts4V5g_58JPErGnzGfyec7xpeptKtPIMZh6kdrKt2jyfJY2Hz_4TIVV8C9COoP83xJsxOhEHZL2yoaWb7TW3gYxCapXJy0NEg6eLgTOpOicqk51DK1KUpT_IQWW26SiuuD7vvS5R204FREpAL7zSxoQB4b6DT8OkYZgs0Zbw55bmg25ZdcL-xwiCu3iks6wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw%26sig%3DAOD64_2VJkTRdFp-W8kyotsKYvWjhkPUBw%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-B5DhX-KtoNaT5obLZASzpeyfvo3kcpUrodxtk9AkBiMdJPlIqDEJNo_xYdwv3x_J_yWFf-szXDONOvM64R9M8XT6RQF5mFh6sAD71fiDS3LcYwVC9NP1QimGZLTq9_OptoECfCinfHJCRhhC_Gsvz2z5XFoQ%26cry%3D1%26dbm_d%3DAKAmf-Bw6Nnm_go5ZTKWCdXHLnqL53K_xzKPm0lUDvUXQVEBkXGfi7lpmWTN4CG3_nYqQid3G_jE7SkAcC3hwu3Ne2sceQXCpHPzWa2xgcTwgs8UZINy7rR0nryNIxbmWPZ1ZBADwoz01mvJezQcyFuaXVr2IK4tankdaWOXUCbHkSWn0SKdACiFix6nj2Ss9wuWiZoJSs2oZfBa0o_eItB-nBguAQkEju7PgaOAqxPSEk9m-JDs9XpVsnjRtOv07KAZxFWuRilvCaobXBlx4PnbIA2wOch5Ymk4QWNetSS3aT0NgAYd2ysMzjWvxUuFTFJq5z5ufHyUDvTFpvdyri19Au4H9X4px3HbVZL7mOIEXfFfb-5UR3c_W1319eLwTvhzAAZSLunTd9nzEX35Rm-L90Fjf4VxGkQrlIN29RarvNBmi5WrONnWsIJtbUmKmBosDRaQyR6po1P98-eWMWBubR8cSYoT7RRDOXMX-3syVwp3xXoNId03W3zs4JCsPOHr5FKuyJdaXou1FdRYnJEYMG3UkCuONQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=1327006203056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 298

https://ad.doubleclick.net/ddm/trackimp/N572608.468584AMNETGROUP/B27050295.324629000;dc_trk_aid=516909492;dc_trk_cid=164277123;ord=1644356386228;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N572608.468584AMNETGROUP/B27050295.324629000;dc_pre=CNWlwfKI8fUCFQiKdwodgboFcA;dc_trk_aid=516909492;dc_trk_cid=164277123;ord=1644356386228;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=

Request Chain 318

https://gum.criteo.com/sid/json?origin=publishertag&domain=urdupoint.com&sn=ChromeSyncframe&so=0&topUrl=www.urdupoint.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=vpzlR3xzSVFQY1pTMytoUXZPQU5xc3pDWGRvc0ozc2ttRXlHbTl3Wi9TZ2M4LytQTGtqWFRrUlZzdXA4OHBncUNZLythdUxTdlRwdnhvbElPZFI4ekZrSmNXZTBFRWtPdXd4T3laQTM4bkxLMHZxamo3T01Ndks4dFBXZ0JHVXAyOThzbjh0K0ZNWmk1cHhGVXhJTlVwRHN2SVZxTThOL3NSY3FDT1NybW9jc2RXK3BDemdrOXU0Y205c3BLNXNTbTFQTVZXcXMwWHIxTTBXWUZTTjk2UjNMRlJlYWNXSnlyMDBlbDN6RXZJKzBnZmgvSGxLTVIrcGdOdkJ0VzF3UEtmSitjejFKNzVoNHpIZlVFNXF1SlJXVmdNUT09fA&cppv=2

Request Chain 331

https://urdupoint-d.openx.net/v/1.0/av?auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cb=0.6415316643982265&vht=224&vwd=400&ip=138.199.38.133&lmt=$$DNT$$&gdpr=0&gdpr_consent= HTTP 302
https://urdupoint-d.openx.net/v/1.0/av?cc=1&auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cb=0.6415316643982265&vht=224&vwd=400&ip=138.199.38.133&lmt=$$DNT$$&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 373

https://urdupoint-d.openx.net/v/1.0/av?auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cb=0.6415316643982265&vht=224&vwd=400&ip=138.199.38.133&lmt=$$DNT$$&gdpr=0&gdpr_consent= HTTP 302
https://urdupoint-d.openx.net/v/1.0/av?cc=1&auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cb=0.6415316643982265&vht=224&vwd=400&ip=138.199.38.133&lmt=$$DNT$$&gdpr=0&gdpr_consent=

Request Chain 387

https://pixel.adsafeprotected.com/rfw/st/923387/59920991/skeleton.js?ias_adpath=%23ISMViewability&ias_dspID=2&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.urdupoint.com%2F&adsafe_type=f&adsafe_jsinfo=,id:8fd422cc-dc51-b943-67ba-37e38904e2b8,c:3FtcsP,sl:inView,em:false,fr:true,thd:1,mn:app14ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1360.0.120.500,am:sp,cc:0.0.1600.1200,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,nbld:0,mtim:258,fm:sWT5Par+1*.923387-59920991%7C11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C173%7C174%7C18%7C191%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:281,oid:a2ee9fd7-8927-11ec-98b6-02c390e9b11a,v:19.8.284,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_adpath=%23ISMViewability

Request Chain 404

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1868067680547776839

Request Chain 405

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=0a34f6dd8a604c00

Request Chain 432

https://c1.adform.net/serving/cookie/match?party=14&cid=87DD1491-ABE6-4798-A854-3F0A426431A2 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87DD1491-ABE6-4798-A854-3F0A426431A2

Request Chain 433

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YgLjJgAEvkoDhQBB HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgLjJgAEvkoDhQBB&gdpr=0&gdpr_consent=&_test=YgLjJgAEvkoDhQBB

Request Chain 434

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:df806202-e325-4500-98f2-36623b35d605&gdpr=0&gdpr_consent=

Request Chain 435

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h90UkavmR5ioVD8KQmQxog%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 437

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32466202-e325-4800-8e3a-452caf776057

Request Chain 438

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODdERDE0OTEtQUJFNi00Nzk4LUE4NTQtM0YwQTQyNjQzMUEy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 439

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDLAb_j81b9kP2JfdvYL_Wc&google_cver=1

Request Chain 441

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f891d5bf-189a-449b-b6c9-dac523126475

Request Chain 442

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2883581542429217098&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 444

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=87DD1491-ABE6-4798-A854-3F0A426431A2&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=87DD1491-ABE6-4798-A854-3F0A426431A2&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4LQv0x1E2uVg92kgkCuyFV3ivWibqT0-~A&gdpr=0&gdpr_consent=

Request Chain 445

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1868067680547776839&gdpr=0&gdpr_consent=

444 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request putin-biden-agree-state-of-russian-us-cooper-1421033.html Show response
www.urdupoint.com/en/world/
Redirect Chain

http://bit.ly/3otDDFI
https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

125 KB
28 KB

991ms
955ms

Document
text/html

172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503c618f7676dd96283ba3c284d3dfa15cd4cd27bee43bd4508481147ac3994e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=7200, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: https://noc.urdupoint.com,https://daily.urdupoint.com,https://www.urdupoint.com,https://urdupoint.com ,https://cdn.urdupoint.com, https://noc.urdupoint.com,https://daily.urdupoint.com,https://www.urdupoint.com,https://urdupoint.com ,https://cdn.urdupoint.com
access-control-allow-methods: : POST,GET,OPTIONS
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
last-modified: Tue, 08 Feb 2022 21:39:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDIHCwuqvPwcOSmrUOJ58QlT7SqNXn409wnWwRVEQ%2FS0Y6XuHbwFvYxRQQDW0hZ4MAB4%2BPOn99iUNZF9C2AVgKYFVY4fqtQVgUt1%2BiHAsl%2B8F5EftuHtHYNPuSgGBWmObNCb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6da803228ea28ff5-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Tue, 08 Feb 2022 21:39:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 179
Cache-Control: private, max-age=90
Location: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Via: 1.1 google

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 124ms
100ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d806ed2d1dee72c1ad65db632d63e6eac53a9c43f28010490dfd53cb76467554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27180
x-xss-protection: 0
server: sffe
etag: "1126 / 601 of 1000 / last-modified: 1644340328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Feb 2022 21:39:44 GMT

GET
H2 200 pb4.27.js Show response
www.urdupoint.com/ads/ 218 KB
68 KB 27ms
27ms Script
application/javascript 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.urdupoint.com/ads/pb4.27.js
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad5a3a7e7eefe03ca9cd9d7dd2e315708d4568b25db2ab4f44f93bada9a16504

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13681
cf-polished: origSize=223525
cf-bgj: minify
last-modified: Wed, 24 Feb 2021 13:41:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ru4IPzkTkKkAqXGOc2CkGiBcW7A78uKJjcQPfCdTk49zbE8FuVwKHtnJ8rbxb4v4U7bDjMzry7rVYHBHFQjRYQT1MtxSF7h1Cl7GNl%2FRGNrPM9l7rsZOjfkcJNqlcAf1OqI2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6da80328ab638ff5-FRA
expires: Tue, 15 Feb 2022 17:51:43 GMT

GET
H2 200 up-english-logo.png
photo-cdn.urdupoint.com/images/ 6 KB
6 KB 48ms
38ms Image
image/webp 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cdn.urdupoint.com/images/up-english-logo.png
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 603af7d188ad48ad8e9ac1418da07fdbde77db428a333a6558f61b5e3992d953

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 518290
cf-polished: origFmt=png, origSize=10537
content-disposition: inline; filename="up-english-logo.webp"
content-length: 5646
last-modified: Thu, 27 Aug 2020 06:57:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOsVM4ennnpHJpESFHGZSZKbo6PnSjRNq30vsEpXtJiftj6ITSz83PgFqSh020kZ0xGnMxQqC7vyCzMA34GCc30hHIAcN3fc%2Fa0ZFSw%2Bw%2FDMUo8zyFpCi0pRAyzGIyJk3hQDlXZv1PnZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 09 Feb 2022 21:41:34 GMT
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da80328cba08ff5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 up-logo-mobile-en.png
photo-cdn.urdupoint.com/daily/images/Logos/ 4 KB
4 KB 35ms
26ms Image
image/webp 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cdn.urdupoint.com/daily/images/Logos/up-logo-mobile-en.png
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a862562754d28e9573a23872501c44ab8f5d1f798796e0c244d29ab92f02933

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 440468
cf-polished: origFmt=png, origSize=6878
content-disposition: inline; filename="up-logo-mobile-en.webp"
content-length: 3606
last-modified: Fri, 13 Aug 2021 07:01:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZDrj77m%2Fm8KYWuIt0%2F0Y%2F68hP1y%2Fzvw%2BjgVvf0WfzNNqoTVv6gmFr2uJTyqGDdu2EAq4eyvzihTgrJNL%2FhuGsmxAZ5Z8P754gIJJvnTW3eKHM2jPrdXpJYze7EK4rXJS5DhmrbjFTec"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 10 Feb 2022 19:18:36 GMT
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da80328cbab8ff5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 UrduPoint-English-20.png
photo-cdn.urdupoint.com/images/ 10 KB
10 KB 59ms
49ms Image
image/webp 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cdn.urdupoint.com/images/UrduPoint-English-20.png
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f03061f9033f9d58a46346d65f19d39b5e2ad96c38691d3cf3459c94f1337f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1260351
cf-polished: origFmt=png, origSize=18627
content-disposition: inline; filename="UrduPoint-English-20.webp"
content-length: 9900
last-modified: Fri, 28 Aug 2020 06:21:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tQ00yvC4ICklAq6pJdbtZ%2FGLzusxsKYy47e4ZTTSBjVC34agy%2FBNeSQluK6iEgShki6N%2FpOkdV2OTg343Sy8JdwFDPzhVGwmQD47o3OXqRE3EK%2FSDUyrQPFjrY3aQnU5O3M9kgxc%2BMt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Tue, 01 Feb 2022 07:33:53 GMT
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da80328cba78ff5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 p235x155.jpg
photo-cdn.urdupoint.com/en/images/ 118 B
505 B 36ms
27ms Image
image/webp 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cdn.urdupoint.com/en/images/p235x155.jpg
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0124f255bcfb3c92cf9ffb74b145b83e27821f8a9dc39008224858bd5d019e69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 527508
cf-polished: origFmt=jpeg, origSize=1346
content-disposition: inline; filename="p235x155.webp"
content-length: 118
last-modified: Fri, 30 Jul 2021 07:55:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icXVKUnDRD3Uu0ftERRmiwSRka8f1SX1fYD%2FouShUhxV6T%2FdxIhmo8WDHFqV%2Fc1%2F6zd4AZEYv%2BUu5EhIDiKLudtdHKox9T7pFilPtWHgZowC5OIPolilZ%2Bw5BFDynuAZX4fMPtspwq82"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 09 Feb 2022 19:07:56 GMT
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da80328cba58ff5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 footer-logo.png
photo-cdn.urdupoint.com/daily/images/Logos/ 2 KB
2 KB 40ms
31ms Image
image/webp 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cdn.urdupoint.com/daily/images/Logos/footer-logo.png
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a516073cee7233ff8ebc78f356f6a9755eca26443a74f73a5f68168bed59c5f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441144
cf-polished: origFmt=png, origSize=4061
content-disposition: inline; filename="footer-logo.webp"
content-length: 1722
last-modified: Wed, 01 Jan 2014 20:49:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYqMDc%2FPvqrsQsysV8a43rMD46cK%2BdJpyVQxZfKClrrRygMJ54sAa1Xha6qUoxt%2Fh5%2F%2F648RNE%2F2MdgflYgFRuXsc92mt0vjz6FVIQlTZkoLnbdhzYxCzyqvJMTQYKF%2Fz%2FOHipF8cgt4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 10 Feb 2022 19:07:20 GMT
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da80328cba98ff5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 lazysizes-umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.2/ 8 KB
4 KB 53ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.2/lazysizes-umd.min.js

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928ba0931c67bf5b7f0d9bae946d2d0e5c643eb528e2384847e8875f7de3362b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1245253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3118
timing-allow-origin: *
last-modified: Wed, 27 May 2020 09:33:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ece33f7-1e6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUuRF3uKjOc2JpHTT6Cvj7IR4I4Y33eWAzx4m4l8qpAMiMFJEYTSJngi0JmQVGWHJEA3v%2F0%2FKGtIqnJjJYvOP6M7tuHXkaKLJp2qcVCGVpTNCIbyl7CKmqyxwNKek8nye%2BcovJF4EZyN%2B8%2FkOnu4gmT5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6da80328ec329188-FRA
expires: Sun, 29 Jan 2023 21:39:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 408ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-307140-1

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

edb0d200616102fff6e240aec7303a652a6f1dff2d8055b25f1ecbd579213a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36008
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Feb 2022 21:39:44 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 61ms
41ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6da80328dadc9231-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 47ms
9ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 221
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1A2N38B1PT4W2239AT9N
date: Tue, 08 Feb 2022 21:36:09 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VPgVFsPLIbmA_byWIlui6Phw4bkZYr_dDYfrc_LekDZ-Lb_27IjqKw==

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 68ms
12ms Script
application/javascript 143.204.98.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-84.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 24809538
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: QGm5RhjKo7CSbOgtkA2HlyHZXG-gSjZAsI2Fv87cbqBVe7kYF0__xw==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 221ms
102ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22650&site_id=340306&zone_id=1793210&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tk_flint=pbjs_lite_v4.27.0&x_source.tid=7cd59ae5-9606-42c0-8080-2e95ede178de&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8078673572166293
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 686a7e178017cdd6274b65ae4baa16f399ae62db93d804e07e435599b1c42933

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 264 B
1 KB 223ms
104ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22650&site_id=340306&zone_id=1793210&size_id=15&alt_size_ids=16%2C67&rf=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tk_flint=pbjs_lite_v4.27.0&x_source.tid=44bafc19-5eb9-4753-bcee-7a5bffcdc56e&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.473352682726607
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ad494eef2fe12be093d557920c50ff5d32578194869fc325963f6e3b219b2da8

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 264 B
1 KB 209ms
89ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22650&site_id=340306&zone_id=1793210&size_id=15&alt_size_ids=10%2C67&rf=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tk_flint=pbjs_lite_v4.27.0&x_source.tid=4c87408c-90fe-4909-a4b1-138035e67ee4&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8168573858566377
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: df24d163a93b369e53baa3564dafb5218d40e40518d35fb0445b95fbede1f490

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 264 B
1 KB 203ms
80ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22650&site_id=340306&zone_id=1793210&size_id=15&alt_size_ids=16%2C67&rf=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tk_flint=pbjs_lite_v4.27.0&x_source.tid=62c913a8-3291-41af-9849-ae717339ec31&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.054489332141000046
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 57e2135af01797f51de12fe98ac6332dd222a58364235aa0e583d9bb56e64fe4

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 205ms
82ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22650&site_id=340306&zone_id=1793210&size_id=2&rf=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tk_flint=pbjs_lite_v4.27.0&x_source.tid=5d545dd3-bf8e-414c-8f9a-7a5048eb455d&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5359235209702244
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3c008a1f0ae2386fc78952d905e7e818bc85a84bcbdf89ab9a528e705530163b

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 220ms
92ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22650&site_id=340306&zone_id=1793210&size_id=2&rf=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tk_flint=pbjs_lite_v4.27.0&x_source.tid=1b0e8552-cedb-4aa1-bd54-4a1d9009c2af&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8827971691497922
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3de57da630ced7a05914d59ab534c51dbe0115e51329fd9710c491706e6b1950

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 369ms
161ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22650&site_id=340306&zone_id=1793210&size_id=55&alt_size_ids=57&rf=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tk_flint=pbjs_lite_v4.27.0&x_source.tid=7410b8e3-5ef7-4faf-b8ce-8365cc7d005a&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.48500157375669106
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 48ac585a7d8ea88cbd98a185bf1792940690bf230f4f00e2205fcd9ba5578d0c

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
314 B 90ms
44ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.27.0&cb=77516762709

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Feb 2022 21:39:41 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urdupoint.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 9 KB
2 KB 880ms
557ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: dd6e6dcb010907d4204a7bfe43d6bb9ea771a7d38182f5424c5ed27e0b57761f

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 08 Feb 2022 21:39:44 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.urdupoint.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 1375

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
346 B 31ms
10ms XHR
application/json 52.29.60.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.27.0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tmax=2000

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.60.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-60-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:44 GMT
x-auction-status: 17, 17, 17, 17, 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urdupoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 arj Show response
urdupoint-d.openx.net/w/1.0/ 73 B
381 B 64ms
19ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://urdupoint-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7cd59ae5-9606-42c0-8080-2e95ede178de%2C44bafc19-5eb9-4753-bcee-7a5bffcdc56e%2C4c87408c-90fe-4909-a4b1-138035e67ee4%2C62c913a8-3291-41af-9849-ae717339ec31%2C5d545dd3-bf8e-414c-8f9a-7a5048eb455d%2C1b0e8552-cedb-4aa1-bd54-4a1d9009c2af%2C7410b8e3-5ef7-4faf-b8ce-8365cc7d005a&nocache=1644356384181&aus=336x280%2C300x250%7C336x280%2C320x480%2C300x250%7C300x250%2C320x480%2C300x600%7C336x280%2C320x480%2C300x250%7C728x90%7C728x90%7C970x250%2C970x90&divIds=gpt-center-banner%2Cgpt-end-banner%2CSide1-banner%2CSide2%2Cheader-banner%2CHeadTopSticky%2Cgpt-970-banner&auid=541207875%2C541207873%2C541207869%2C541207877%2C541207865%2C541207868%2C541207872
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 1bb81774370c658a1ab9f1d3229d25cefe24fe07caa3d763cec7f7d121503f3a

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:44 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.urdupoint.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
161 B 36ms
12ms XHR
text/plain 35.156.230.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=2000&ts=1644356384182&src=pbjs
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 1 KB
2 KB 101ms
72ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?t=250&s=538948&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2255eac1276aaec8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%224.27.0%22%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2256e500ebada8b06%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538948%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2257f4352df7e9cdd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538948%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2258694daaf0f0c81%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538946%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2259b53f96508ebfe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538946%22%2C%22sid%22%3A%22320x480%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A480%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22609e123684c0c86%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538946%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2261b35c9130e248a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538943%22%2C%22sid%22%3A%22320x480%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A480%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226266a46c97d5bb5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538943%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226319833398f749b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538943%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2264ecb219272af37%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538949%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226551b449490a32a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538949%22%2C%22sid%22%3A%22320x480%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A480%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22660823d96a4baf2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538949%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22678bb273a44b9e9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538371%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2268c610f48b023f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538942%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226961909c58647b2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538945%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22709804487f08e6e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538945%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9dcb7ac4c21d14d711ae02171e314522079d2b388622f65002f75f68983817d5

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:44 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[138.199.38.133], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.urdupoint.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1505
x-ak-client-geo: 12
expires: Tue, 08 Feb 2022 21:39:44 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 8ms
8ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.urdupoint.com&pubid=457536b0-a8e0-433d-8bda-363076bb1799
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:49:30 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: Server
age: 6613
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.urdupoint.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tf6NCeIfdlycjzFPLZ4K857elfg1U0qlCBCGAd3E_wHTzPcqNDTzzw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
494 B 142ms
141ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&pid=JB1L8XzuKPtPe&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22header-banner%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fheader-desktop%22%7D%2C%7B%22sd%22%3A%22header-banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fheader-mobile%22%7D%2C%7B%22sd%22%3A%22HeadTopSticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%2C%22300x100%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fsticky-header-top%22%7D%2C%7B%22sd%22%3A%22Side1-banner%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x480%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fside-one%22%7D%2C%7B%22sd%22%3A%22gpt-970-banner%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21678054%2Fheader_970x250%22%7D%2C%7B%22sd%22%3A%22gpt-end-banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22320x480%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fend%22%7D%2C%7B%22sd%22%3A%22gpt-middle-banner%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x480%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fmobile-middle%22%7D%2C%7B%22sd%22%3A%22gpt-center-banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fcenter%22%7D%2C%7B%22sd%22%3A%22FooterFixed%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fsticky-footer%22%7D%2C%7B%22sd%22%3A%22Side2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x480%22%5D%2C%22sn%22%3A%22%2F21678054%2Fup-v2%2Fside-second%22%7D%5D&pubid=457536b0-a8e0-433d-8bda-363076bb1799&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 3BV9AS8CJ7Z0N0T9WNVR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.urdupoint.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1f2sK6gEEN9-Inb5XTJ21yPV2RxwcZZAe8DuW8SPSbZowNVg9FvrmQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
7ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 61715
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Tue, 08 Feb 2022 04:32:25 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Fpx24IAIr0u0M3gky4prf4hImM1R_9-WIhAzX7HxwpW2QRY1yj48vA==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 34ms
7ms Image
image/gif 143.204.98.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Putin%2C%20Biden%20Agree%20State%20Of%20Russian-US%20Cooperation%20Unsatisfactory%20-%20Kremlin%20-%20UrduPoint&time=1644356384211&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&random_number=12417929951&sess_cookie=f3066e4217edb4735d34be2d98b&sess_cookie_flag=1&user_cookie=f3066e4217edb4735d34be2d98b&user_cookie_flag=1&dynamic=true&domain=urdupoint.com&account=9j5Lj1aUyS00WD&jsv=20130128&user_lang=en-US
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-17.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 04:13:32 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 62773
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: U5GTXqBHY9hcP3I47e4SCx5IdNL1meAJlIRVOWIBS0_Y2IxmKFxOTw==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 392ms
102ms Image
text/plain 2600:1f16:bc:1201:ba55:a298:fa7e:df1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:bc:1201:ba55:a298:fa7e:df1f Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
server: Server

GET
H2 200 pubads_impl_2022020301.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
119 KB 7ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122037
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:34:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Feb 2023 20:58:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 357 B
193 B 32ms
17ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.urdupoint.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6bd241b5df9e4f96f7a07dc5212643afba1c3ed4fb38606b9503fc1e2a016664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 168
x-xss-protection: 0
expires: Tue, 08 Feb 2022 21:39:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-307140-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 290
date: Tue, 08 Feb 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 08 Feb 2022 23:34:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1883195133&t=pageview&_s=1&dl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ul=en-us&de=UTF-8&dt=Putin%2C%20Biden%20Agree%20State%20Of%20Russian-US%20Cooperation%20Unsatisfactory%20-%20Kremlin%20-%20UrduPoint&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=347320368&gjid=792211095&cid=1944566919.1644356385&tid=UA-307140-1&_gid=2100804009.1644356385&_r=1&gtm=2ou270&z=268582818

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.urdupoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rum Show response
www.urdupoint.com/cdn-cgi/ 0
236 B 14ms
14ms XHR
text/plain 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.urdupoint.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.urdupoint.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6da8032bda088ff5-FRA
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 157ms
17ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-307140-1&cid=1944566919.1644356385&jid=347320368&gjid=792211095&_gid=2100804009.1644356385&_u=YEBAAUAAAAAAAC~&z=1175834107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 08 Feb 2022 21:39:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.urdupoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 49ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.urdupoint.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.urdupoint.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 187 KB
36 KB 739ms
739ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1780333355919771&correlator=3227915011092531&output=ldjh&impl=fifs&eid=31063378%2C44757100%2C21065724&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220208&iu_parts=21678054%2Cup_1x1%2Curdupoint_outstream%2Cup-v2%2Ccenter%2Cend%2Cside-second%2Cheader_970x250%2Cside-one%2Cheader-desktop%2Csticky-header-top&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2F4%2C%2F0%2F3%2F5%2C%2F0%2F3%2F6%2C%2F0%2F7%2C%2F0%2F3%2F8%2C%2F0%2F3%2F9%2C%2F0%2F3%2F10&prev_iu_szs=1x1%2C1x1%2C300x250%2C300x250%2C300x250%2C970x250%2C300x250%2C728x90%2C728x90&prev_scp=%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.03%26hb_adid_ix%3D8790e9c807a5f09%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.03%26hb_adid%3D8790e9c807a5f09%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_adtelligen%3Dbanner%26hb_source_adtelligen%3Dclient%26hb_size_adtelligent%3D300x600%26hb_pb_adtelligent%3D0.02%26hb_adid_adtelligent%3D8848e4bc0f3040a%26hb_bidder_adtelligen%3Dadtelligent%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D8848e4bc0f3040a%26hb_bidder%3Dadtelligent%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=site%3Denglish%26section%3Den_news&cookie_enabled=1&bc=31&abxe=1&dt=1644356385090&lmt=1644356383&dlt=1644356384086&idt=197&frm=20&biw=1600&bih=1200&oid=2&adxs=260%2C260%2C260%2C488%2C1038%2C315%2C1039%2C540%2C-9&adys=809%2C809%2C824%2C1276%2C1447%2C172%2C557%2C10%2C-9&adks=3741637513%2C1106897171%2C1429551441%2C742559168%2C4247229103%2C3551852641%2C1194099197%2C2626557634%2C1935176090&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&vis=1&scr_x=0&scr_y=0&psz=756x0%7C756x0%7C300x-1%7C300x-1%7C302x5%7C1080x-1%7C300x5%7C728x-1%7C0x-1&msz=756x0%7C756x0%7C300x-1%7C300x-1%7C302x0%7C1080x-1%7C300x0%7C728x-1%7C0x-1&ga_vid=1944566919.1644356385&ga_sid=1644356385&ga_hid=1883195133&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1%7C2%7C0%7C0%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

dcd85c018e4158aed76180297163acfdb5ca7454d15dafd95bfa3eedfdd78ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36325
x-xss-protection: 0
google-lineitem-id: 5524693335,5057496946,-1,-1,-1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340975360,138269415323,-1,-1,-1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.urdupoint.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 48ms
21ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc8fe7d4cebc2244403b0e5fe43a275534919e3a4d71fd197b66a4c3f88392af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9918
x-xss-protection: 0

GET
H2 200 container.html Show response
111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F176 6 KB
4 KB 92ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 08 Feb 2022 21:39:45 GMT
expires: Wed, 08 Feb 2023 21:39:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 54ms
53ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

523ed7b890756945231453aa512ab830513f89eb3947780091b7bad01b3803ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9307
x-xss-protection: 0
google-lineitem-id: 4817747695
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138335493196
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.urdupoint.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 138ms
74ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FAE 0
0 44ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuR0mt4CYbFVO8a8957_9iV1MQcIeXN4JxO03AtU7fvPn1oF84GKxpTrJZWuAKZ44LHsQuaYDOZXTboHbrS-znhw7a3iuv-7r0QbxPThHS5ICTpfM5i9dc0nlECYnouYSFcGNSzb7IpcVRvKgCBvfbEJ4thu2VyvOjqTs1bzOglFG-t0_j0c-4JcL-vWCXl1pTxABt8IDBObMV2T6ud5Q9C5ub8Qu_QjmeCSF7voWxm-liI7t8NkQaLfv-GRs4Dlo3yGpqEhFnSjD7gRWWYItMmlAd-JgKsWAVumUimMxM4Kk&sai=AMfl-YRXgsfU74UkrxWjrkX5CdO12oY-aS_tBUqqT6fXM5DFxrwDlbNhha4_KW9s4-Jb1jmP2izSjdJioXcsNy_RsAwuCrLrLg0ZZjZxezHAtsImEDAa0FBWeE-ZN7IDvCw&sig=Cg0ArKJSzL6XMnJtPYerEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H2 200 default.js Show response
cdn.inskinad.com/isfe/publishercode/128442/ Frame 5FAE 171 KB
21 KB 52ms
7ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/isfe/publishercode/128442/default.js?autoload&id=ism_tag_6477284103147962
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cd239f0bf23efc33ad5dba04e16905cbab120f17a6484ec2b916b6668faa2e65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 11:28:03 GMT
server: AkamaiNetStorage
etag: "54b19214bb2ccc1e9463b30e3e47a627:1644233283.061355"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 21218
expires: Tue, 08 Feb 2022 21:40:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FAE 124 KB
38 KB 101ms
77ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H2

200

base.gz.js Show response
cdn.inskinad.com/eu/isfe/4.1/js/integration/ Frame 5FAE
Redirect Chain

https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
https://cdn.inskinad.com/eu/isfe/4.1/js/integration/base.gz.js

243 KB
48 KB

7ms
7ms

Script
application/x-javascript

104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/eu/isfe/4.1/js/integration/base.gz.js
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fc22f40bf8f3e6bdc48dc721bd8654de93a7703f7d3bbe954e9c054e49888a90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 09:09:56 GMT
server: AkamaiNetStorage
etag: "1adff868d4d41e5d3b82dab8f52561c6:1636708196.542611"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=25063
accept-ranges: bytes
content-length: 49135

Redirect headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
server: AkamaiGHost
location: https://cdn.inskinad.com/eu/isfe/4.1/js/integration/base.gz.js
access-control-allow-origin: *
cache-control: max-age=60
content-length: 0
expires: Tue, 08 Feb 2022 21:40:45 GMT

GET
H2 200 g Show response
t.inskinad.com/ Frame 5FAE 32 B
189 B 80ms
16ms XHR
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/g
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: fa03a88913c27b50a8816889750859eb28d2dd30b70d02153ceba5f7d07e68a7

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
vary: Accept-Encoding
etag: W/"20-hGG6h8ar++lNrR54FOidTAlF2TQ"
via: 1.1 google
content-type: text/html; charset=utf-8

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 5FAE
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=8331083&cs_ucfr=0&c3=1&c15=&cv=2.0&cj=1
https://sb.scorecardresearch.com/p2?c1=8&c2=8331083&cs_ucfr=0&c3=1&c15=&cv=2.0&cj=1

64 B
331 B

15ms
15ms

Image
image/gif

108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=8331083&cs_ucfr=0&c3=1&c15=&cv=2.0&cj=1
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-80.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: I367m8kpVJi6Y7rPh93xfMJ-OY8Byj22VnZyJxz6Qxx1ykTpx_jv1w==

Redirect headers

date: Tue, 08 Feb 2022 21:39:45 GMT
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=8&c2=8331083&cs_ucfr=0&c3=1&c15=&cv=2.0&cj=1
content-length: 105
x-amz-cf-id: AAV2P2KBHj_Te5QC_4EBX_n4KA0KqvrT_NE-enJGQ1cH4mSjgKWL5A==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB23 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:19:40 GMT
expires: Wed, 08 Feb 2023 21:19:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9E1C 783 B
1 KB 49ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d19bbeaa603f0f7cad0b87e9daa5cf9dc77f5248d01c4e6b72a7335b0e3c127b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tQs3vqowggiPGjxP3K4W+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 08 Feb 2022 21:39:45 GMT
date: Tue, 08 Feb 2022 21:39:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tQs3vqowggiPGjxP3K4W+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5FAE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54c49f8d5fd70018820c7ff2c7a80e10631a835b9e8a4f2c9046bfe173e644fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js Show response
pagead2.googlesyndication.com/bg/ Frame CB23 35 KB
13 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9110c998143339ef68f7bfb147a71ea72cb23dde25fdfc7965a2c1bef5b29bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 15:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 15:38:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FAE 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxnVAwQ53_d1r0ZaOVd-coOzZcth2n_ODxFimOOVtxJmbGDiFArQ2jqoivF_vcJem4gzaNJ6Q4JHeEky2qaRrS71bEj41aW3jtOJMDUyfbTqAfz55NHLDaluJj7QUySqcYIVXV6POQFMP4c-BOIgatUXnF_lX-Fn1mxkoEchxLzycH2DDFxmP1P-x1eCpmwtNhH0dVdgWioRWkXKKwt2ugQXeQtMBkVdg4putmzDD-yd0HjHrC0QjaoMlhHvlQ3OOM_QJvFDk8cqmdp4G5whvuK8kwYkv60zTWS4bDeXbLGPx_KA&sai=AMfl-YQbCBfmrE34mQ1R3Cb2umjUtSQzbUGbXt3qskGv9aAMStKmzRp1RFxfGNPA5eK_NKvhG-JrO8A34M-pr_dszst03NmLixKsOIAljhaw8mEILQmQwSGEDxL09yp_sqc&sig=Cg0ArKJSzD9yUfIAw6uxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Feb 2022 21:39:45 GMT

POST
H2 204 rec Show response
t.inskinad.com/ Frame 5FAE 0
37 B 17ms
17ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
via: 1.1 google

POST
H2 200 v2 Show response
mfad.inskinad.com/api/ Frame 5FAE 139 KB
11 KB 613ms
392ms XHR
application/json 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mfad.inskinad.com/api/v2
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: 0494c186cc63fff32e82a4a91eceee908acd7ce5ec7b0ec2f19e613b5cb5d767

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"22ac1-oDg1MKG8P0TDyzmJf1jkelNYcH4"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.urdupoint.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by: bifrost-production-shard001-us-east-1b-i-00e93c67f48021d0c

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9E1C 0
0 55ms
55ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020301&jk=1780333355919771&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CB23 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q_V-bA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020301&jk=1780333355919771&bg=!KimlKW3NAAa4sGsQuLA7ACkAdvg8Wvk492c1BAO17rGZVZwfzVjTXvBJbyhBBeWLZtOy8SbKRznUKwIAAABOUgAAAANoAQcKAJ9WlRO0t2_Ibfpojial3iME5IFWpqEIe0dk8Kc6Yux4ZTMiG8nhQmdRi5Rw2vrfvyCWFwq2CT2fnMNA_qEkqA5IfcW2tfTonoOOw1eGAmyJnS9-Q4eJa-Di9YVjwq7FOEFAFTcIrcvFwuarVmV-DX7l_dEND2FzXL94mrfnWSv3Q-1kbeyeBGCrczje8ysjmddktEE1sHU201f8ZqXiVBGZArolm2iqN9Lc3XQNpaeQgaCSgGWry3F5uooODMbAeHYVK6jDJ-CwvOqBlQ7dG4kaKg6T2gkJxi_pVFLp4I-G1dSNHsKnfNL4CX-TPiBLrCfcfgTyHNhIuJH_oZCEAHpkGobzUpKySP9KBXeom3j3zrYfWEi1gDQpUTSVugjc1b8GzgZgTzaG5X1yRbURIxH2C7TkcwEfR9ErTrxUhyujIA30uoxWAhY_aarjQIbmOXLeCxjmBtl9ZCOxPpoGFX3vr7u7ZwbLv-UfKPXZy4hos8hHHWwFQ_943vaGuABTsQhAy9GtVcs-6w5k3z40TLut2sxL6BDsQg--KXJvwtxnSH9crPVt4DXz8TJ8qc5djMkPM83f53bJCig73beFNs0An1iap16rz6zZ7BkmF2krW3aCZTAzOlu2H3l59k7CJStBFTLNcvUXYZJ3Asyre1r50nVLERRtcZGr8VbjMmK5vupFnEFwPBfPXzgy7U6R6NcS5zmv7d86i4ZkMoamA1BJkGgd5C3FDdbRaW0e7L9l6tJqAsIaTqCVaEIGlsPTCM0MF3qu5BFbg9FPx72MbEC5mzpfHcB773tp7ekDZu1jTog31TJGYl5EmGRGbnE4NicPHlljFMB-4_-tHzEVJkoWRzIrid6XhjacFjCu6mjCjCoX69EdJG-0hO_YuI83JQOg67LiwQeV6DvOSpci6w6f5NicYIsx3rSgHv0oiKEYeP2i6IkkrcFvvRJwxHYdUXuLkjiyuHTVAC09EaNW2JwsiYsIRENAaksuYKOsQsS6vKlxZTx94wvJ1cDeoiAzCwiEqLWnlH7ZZHyoQfzi8ifUI0QXGTwzkRhk5mA1rfz2HronKaPjE9B_kwBHP71q1MyNVNmNvs8CkNL1223M_cwRv3qXC37zr8JFV8xK19ZR5gRcoujX_z6dRAjVwA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pic_1644345986.jpg
photo-cdn.urdupoint.com/media/2022/02/_1/235x155/ 10 KB
11 KB 42ms
41ms Image
image/jpeg 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cdn.urdupoint.com/media/2022/02/_1/235x155/pic_1644345986.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e27eb70649971913be9c3c0f28441677518e92433120e1b28a85daabdc383de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
access-control-allow-methods: : POST,GET,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8740
cf-polished: origSize=11295, status=webp_bigger
content-length: 10572
last-modified: Tue, 08 Feb 2022 19:14:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIYL6qWeJsss6vnH86FfLDT6o4c76J4w%2BBtlThp%2F9UdmnhSy%2FH0iHrkcek5XEOaLBjFjpQUz5CGsGMrL5XJnyt6Qw8JbknouYNgjXI0gwKHpvYBiiIiW7%2BrW%2B66cH%2F%2B1ru24GEJBnH%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://noc.urdupoint.com,https://daily.urdupoint.com,https://www.urdupoint.com,https://urdupoint.com ,https://cdn.urdupoint.com, https://noc.urdupoint.com,https://daily.urdupoint.com,https://www.urdupoint.com,https://urdupoint.com ,https://cdn.urdupoint.com
expires: Fri, 18 Feb 2022 19:14:05 GMT
cache-control: max-age=16070400, must-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da803327fbd8ff5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 pic_1644345985.jpg
photo-cdn.urdupoint.com/media/2022/02/_1/235x155/ 3 KB
4 KB 42ms
42ms Image
image/jpeg 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cdn.urdupoint.com/media/2022/02/_1/235x155/pic_1644345985.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75fa3504a7a50b4cd1fc4921a376c9cefb0f5e5fedec6411ccf3f35a2ec2841

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
access-control-allow-methods: : POST,GET,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8740
cf-polished: origSize=4138, status=webp_bigger
content-length: 3395
last-modified: Tue, 08 Feb 2022 19:14:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmKOPrYHSHdYGpDN%2B6W0%2F4gE3WQKOfBaW9F5cdiDRWv2jjn4l9nYssv1qU%2B8q7m93uoRgRXYBF75%2BxcBabIrz2paGnCjz4WMVw4GgqwATxk8eC4RuwVzV14xiV0cEiBx1oVb6CpBqUFI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://noc.urdupoint.com,https://daily.urdupoint.com,https://www.urdupoint.com,https://urdupoint.com ,https://cdn.urdupoint.com, https://noc.urdupoint.com,https://daily.urdupoint.com,https://www.urdupoint.com,https://urdupoint.com ,https://cdn.urdupoint.com
expires: Fri, 18 Feb 2022 19:14:05 GMT
cache-control: max-age=16070400, must-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da803327fc18ff5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 pic_1644346729.jpg
photo-cdn.urdupoint.com/media/2022/02/_1/235x155/ 8 KB
9 KB 30ms
30ms Image
image/jpeg 172.67.68.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo-cdn.urdupoint.com/media/2022/02/_1/235x155/pic_1644346729.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 804ed6bd1b982ce770196f370d35dba1022015d868613c41de5593af7c51b94e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
access-control-allow-methods: : POST,GET,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8745
cf-polished: origSize=8819, status=webp_bigger
content-length: 8227
last-modified: Tue, 08 Feb 2022 19:14:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2I%2BI5dhrne%2FSjIVHDoa%2B%2BnjYtDMlbiGefoEaDrILyO8%2B8NQ%2FoPsjghgbJgqvkb21%2BZ%2F7aey1pkp4JT%2F%2BD%2F9r563ZKSJMs7Y4CkZUzbODIUWwsI3I1eALd5eymXqfUPqHv4SudlINH8P"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://noc.urdupoint.com,https://daily.urdupoint.com,https://www.urdupoint.com,https://urdupoint.com ,https://cdn.urdupoint.com, https://noc.urdupoint.com,https://daily.urdupoint.com,https://www.urdupoint.com,https://urdupoint.com ,https://cdn.urdupoint.com
expires: Fri, 18 Feb 2022 19:14:00 GMT
cache-control: max-age=16070400, must-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da8033339018ff5-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 container.html Show response
111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B9CA 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:39:45 GMT
expires: Wed, 08 Feb 2023 21:39:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 727E 0
0 44ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp8dlBiz9lavpSUBcjKG4DpRyw7PYKWv44feSmFF6bImLNPwYC2Cuv50Yy-1bBwpSUifuO20fHFfERRnntoY5kHdoMeycRKN89DUY41m9CW_hEFF-pUHc_1-H4JfCQ4JeEuWjNJcLT7B3pSPGN-71okRgrjiEntsFzphNnn5pkw-Ydgae6yik-JDW4JmrkIsYrZthl_i7T75r7NYCHdvz9iSvfg8msr16mQBwVfnc91fRe1cgUpjoqeaAxh12tZX0hJlDBeuPYKs7I6o3YoaIeAmPsFAGAVwYHtONwkDELonODwhQhVD0--z5SlOGTo9vY&sai=AMfl-YSRuyvLRce4kqUg-ELk0uUo0CRGFAIZEAR2weAljweUrHh5-gy67KjFWFu7jP6wbyR6Aj7jzYkklixcN86moHT1AGDTGB6m7dJUZtOJ0BlMX2Uu1H3WbdVrcTCHpQ_s&sig=Cg0ArKJSzPDsaHsJFrDMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 tag Show response
a.teads.tv/page/102183/ Frame 727E 764 B
674 B 133ms
74ms Script
application/javascript 23.209.68.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/102183/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-68-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 94ae7beaa4f1fee8dfea623b7805d7140625bfc59afbce51035293257b8b2c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 474
expires: Tue, 08 Feb 2022 22:39:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 727E 124 KB
38 KB 69ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D89A 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv43RV61RAK_BQLttRlyOHX5qZMu0PB9ggPoN8UccxqCwDZGmfAIaV8be4xX25mxmAfuVvaYswuakzhi0xmGBwhQ8Tc-tl6eKTUPFGKkuJXbAe5BKA74JaVO7VsHpdmskhg91tq-L_suBboHjoqpxYso_jG3noV4sZpdbwe1G3naKCM2J_AP6Aej-CxolB2slD9xFSJzKtSlVc3KmyWsvKZh7UtUwrqlECLwQ18frwQopUBtM9PSbPY9FJ1IySwmINAchKWylGz0FnuRbi9Wq4rJVB27OvkgyFgqXpc16jyuTsIINs&sai=AMfl-YR8HZSdCURZ-bcUv-9YAW-REc8FHcfomcV_t6VmTcz5b_O5QBSDoIyujOqstc60ksE4C5_n7lapYF_9NLSoJQ8mxWDJJ16-dQu9umgEf4W2pQYmimwedRfY4IV5NFWf&sig=Cg0ArKJSzJCFT2P8AKHdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 urdupoint.js Show response
player.urdupoint.com/player/ Frame D89A 310 KB
97 KB 622ms
25ms Script
application/javascript 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.urdupoint.com/player/urdupoint.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Remscheid, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: bd8f0ed06b169ad2d3b538c95cd7b3dc22f8fb3cc36b05fe85a1e04173d18f8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 09:47:56 GMT
server: nginx
etag: W/"61f118cc-4d808"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D89A 124 KB
38 KB 112ms
103ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H3 200 container.html Show response
111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FFAB 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:39:45 GMT
expires: Wed, 08 Feb 2023 21:39:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame 6F03 220 KB
61 KB 65ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 444507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 6F03 16 KB
6 KB 76ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 444507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 6F03 96 KB
29 KB 81ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 444507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 6F03 5 KB
2 KB 80ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 444507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 6F03 42 KB
13 KB 77ms
19ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 09:08:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 09:08:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6F03 4 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 21:17:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Feb 2022 21:39:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6F03 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:27:16 GMT
x-content-type-options: nosniff
server: cafe
age: 25949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Wed, 09 Feb 2022 14:27:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6F03 344 B
368 B 9ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 16840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 09 Feb 2022 16:59:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6F03 0
0 52ms
52ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C03bZIeMCYuXdCqSplQfvlLHoBuT39uVn2Yed1qMPloLNhYgWEAEgvpaaLmCV-vCBjAegAYCH7PACyAEJqQLQYdVAnCizPuACAKgDAcgDCqoEogJP0F8WGsZ08dZ08nmxFfYzxUiFvol1r0h7mCsg7jKfX-ls26a6MRMWRVy3TVMOhR-rGnyAU6b4Np1QF67YzAEjCJj5jh2AgItoYZulFkLC-8Z8MxoiizNcCwtbN1PzdXru7G_edBuqliElNVBAPvz9clAqfTuCuKW6z7PilgTHqEqbss0_6oh7XsXY9k9dXkLLjos2rEyXj2TUqZ4iI5ftN_RiMs4M9Ys_UJ677CaMNrL6cjiUvjLHExdKVTMl8Ax75fmKXNUuccY4Wv3frKoV5kxBJ2tAH7pxiSBfkVkasOLU0eIOlWvFRMmJsgUDkXG_u2UoI0EH54ULsDOBACzSUojIZWa0CNJAim7xGi-xGIN_HN7Yv9rj-s3ZftDP_1ZiGMAE2NbOxPUD4AQBkgUECAQYAZIFBAgFGASgBi6AB-j4k48BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ5fQC0ggJCIjhgBAQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTI4ODAzNTk1MDY5NTcwNjYYrusS&sigh=qU2MZFkACd0&uach_m=[UACH]&template_id=484
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 532A 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:39:45 GMT
expires: Wed, 08 Feb 2023 21:39:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC84 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:39:45 GMT
expires: Wed, 08 Feb 2023 21:39:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B4E 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:39:45 GMT
expires: Wed, 08 Feb 2023 21:39:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B9CA 0
0 46ms
45ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr2EZIeMCYuHdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSXAk_Q5m0qdgBp4WPpJ8msk7ERbekxS4ONshbiMImPdm_KELeyVmJLrnhb6sTiaYNdDV4y7RiqM9hG0l1smemrNnbgLDJVS1gb4MhTFReDDFkSpv0ED00MvxdvYGhvo_llIfNrnEjXIDhAbO-nDwLWh13rPAl8V4DT8-R30I1Rwno57Hj-A4o6pUHXJDestD2g8CTiMETy6iPbnCyl0YxMVJM0nuAKntl2Qlq6eSJb0TICn_oB8sLeBu5Vp6wr1Whn4lZ1OcLawkwekYiBcUHRDeZD-UBc9cUp4vy_5Wb6HXd9FtOYeN02Yi23rSFBvWiqx_p9Q5EOTdn17iWqenrnAQdiSATwYc6PPMTvxHfNPjd0mUtL0iKEHOAEAYAG8oilvauC64fJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI4ODAzNTk1MDY5NTcwNjYYrusS&sigh=B6D_4ebOsxk&uach_m=[UACH]&cid=CAQSPwCNIrLM8u7qGKSM2vUZ9HK-X0E79jLCT_4VxKvKWMKbIN0CDIX8VuYjwYBY2jXrUBph9WV8BFLNEcrtD5BwaxgB
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame B9CA 0
0 62ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uqr8Csc1rAL6AZ2DYgICAAAAN4A9jQWM5QrWeQlWECDjAmJPyzSDX3RxXDP8owAS&wp=YgLjIQACruEK5VSkAAxKbxmdH_mrPOxaQQck4Q

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 302588
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DD74 246 KB
63 KB 222ms
180ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruEK5VSkAAxKbxmdH_mrPOxaQQck4Q&u=%7CKRsYBkgTaOezxU118dZuXmKK4zJ6w70aoQVFYHdpN2Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2BDP94ms9lfiEN1F7qYpgGWWkF9lIHFV4AtrLB0CJGs5YbcuFPUVkC6WaNSvk7UBtCj3hDhD0VZgzCPWv2OfDlKCVEfwSV38N7oombTlC_gwp6MMUH4hTnzMmJLNBsidMynBCgshYGCaGgpYh9JRsxTajEWod4nfHK4dW0aZoBMITQiG6FKY-ZLTlktmDpzzxGc__T_zRLhvepPDBO2ZvddCF3kHSAySCKqhfkWGUrob5YvSV9qa8exzWdSWeK-ZdvjMFH95QF0BnGzCMxKj-eR7QW8OkLfRhDhSjAxmt7a_obevVqNBcfLG8DSB2ttx_CQvAWH9MX1PJSFi25N45m8Zggc5ULZkK2lntQrtEbSQoLU5RDj9Djnv7iJByFsOsolrPzUr9Kd8cHaAmNX0J4Cg6tqPHfBwk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv5HuIeMCYuHdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSaAk_Q5m0qdgBp4WPpJ8msk7ERbekxS4ONshbiMImPdm_KELeyVmJLrnhb6sTiaYNdDV4y7RiqM9hG0l1smemrNnbgLDJVS1gb4MhTFReDDFkSpv0ED00MvxdvYGhvo_llIfNrnEjXIDhAbO-nDwLWh13rPAl8V4DT8-R30I1Rwno57Hj-A4o6pUHXJDestD2g8CTiMETy6iPbnCyl0YxMVJM0nuAKntl2Qlq6eSJb0TICn_oB8sLeBu5Vp6wr1Whn4lZ1OcLawkwekYiBcUHRDeZD-UBc9cUp4vy_5Wb6HXd9FtOYeN02Yi23rSFBvWiqx_o_QbCcylZp_Zo2btk3PKGaQRD618ShJEZbDEprzIhqtVPOeKaXoxXTcOAEAYAG8oilvauC64fJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uJGsQIJ2Ti0pr-DC6fKTEB-NERw%26client%3Dca-pub-2880359506957066%26adurl%3D

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

72f31c523cf1a36dce8fbaf6701e062d65222df0f0736d3d8a47c231b95b5fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TFZ2Ny7lkg5pidaDgB_L6yPaFYd7kDb8_ZfwxJbnL0seSuPogh6_BA7VMtaT8YBJ9Hh2yMvZcABU8Ww_1CTP-Uqu0tOM35OqUHoshw8AouJFHiT1jh2MIKricBb4VdVKTc2eIXj0uVazbTqgAT7ud9NU1gmaBVUjhc_7NRtENOWtQjhln6-mLiw0fX_s4vjVy2ysmDPVqszyqG8KaZkEK_ixJG6iVeebzpOoDlKty5SrSzZxOFjSLDblaq8PV-q9b4m5Lw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 132933989
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame B9CA 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:38:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9CA 124 KB
38 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame B9CA 15 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:36:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B9CA 0
0 49ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFR4nl1G92f_cBW27cIWWqMXKV6BC2pUiyMNIyWpme36OskYMS3rWvt9OoWbVau6oNzTnQQOh99UBPlqVczlHx3kE1kw
Requested by: Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B9CA 22 KB
7 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:03:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 14:03:10 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4DEF 624 B
838 B 51ms
18ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNXm2smzHu8LZjF07_xRzb7cidpDMaYy1WFvK0WxknxwqGocrxw99jSqPRnYpMrW4h_puSn7yZEUjKpYoTx7rqhTTG3CHPE-EMhbFnE-1MAL17qOuC1bP3ShXJ2maQqkOKnG9E6bRLLnmaTYgsPEN8Mj6oC7SZI44BlIDuG55YUTfyBJmrI

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 08 Feb 2022 21:39:45 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FFAB 25 KB
15 KB 70ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Awts4vOBLGPWe4YEeA0N2BJtj9VRcSjMny7Qt_t_fv1d-dE34aaIwvC_2-JrfTss6bctX8GLGexpJquFYXBDBoMm_8G1FhbhRbXfTMTASVDazJGWDEmCPx2PETc0zVMN6JwAOD1itmFA_FtA4SUQNIh7b94w&cry=1&dbm_d=AKAmf-BtNOivWSZLRWZbv7NYjMM7Hkir7iKG84uii57tZ87-bpB0DMxb0pugkQHxdzhFOynNv_LMrx0XiB_S6tG9GoODd3Tay0P2ykUBNaP3TTHKI8LNKjN_kRDJY_GmQ_c_8RAvIu7q07INvmR4ThlUu6Ymim8bbhSfYSoh3Plqvy8ml0lyldjM00DLJFTsOjTwygo6FVb2BBR-ZaksICv_It0XcIYqKOBiXS09YQiXa6xbJqVGg7igezNcZqgFxreJT3LCWFf9p4N3tuVV9e_44RUmInevBEqoCLA91HRsZw5CH5LqUOX_dE_udicxhJbGDYuAwRPlKfdcg8doF0eEJMr_3A0oX-8kJeTWeGSkhZ9eSIIilJ2e_OOLJqe8uKcnDgA9qZ3sJUXCVTLmLyzXMJs_VYHNdtH32XD7MpNtjJEV3prgZjmn7Wpr8gg42QyGHrxUz5vGNrHwQHaljmCq83KivK_bdP-8Tc8F2vSmu4-WTCszcxw-XMU4CnFFzsQ8ejTvqMXXEqV8n-6jjCXFJ3x_5svVPKiJ4IC11aCip2jJP0auqaA6y6JD5aVON15d--MoQDbZy4FYdYq0QDXynt8ibAbnlK2en39rsnxqhSo2WjoZ9FKK6FoxbXp8o1nJXG-kcE_h3Znyt8JmyUE-ieRh4agfCCDNklcjj1A8tgSvPKI3u4xieKs2AIy9mQl9LGnKLvDlbKamgfJdEybQ0ORD98Y51UdPpDFszDEwgNch9kRzmlZ4PLpBA2tiFil1y3HmZApCjfaoqqUw_Y_Wl55d4_PjOd-RaxqIpJ_13rFhW3eTVDONammPZDRbJzm_O3ireV3BM931kx2DaaPvx-OMCIbGD9nbQ0TVR7PSV_CqP5YiecL267Vr2RW45H0QG6iWUPUu6ay2ahm-l9x7bhRJTzjIcmxk8lDRXGJvRhmK2Ovxe1h_pgYCOSAqqI5k3LfwZY-kbgvkTXpcVVGWl93h6_uzobRNzpz0w4K12WVVKDuSlvWFntbeKVTDu4c0aksjJi0urWMaWOiJiu7GkPa9S3X-yeprHcvKYcPkArL5-M1aY-9EXwTLHz-fQR1U7ViuqfyQUj5HnuO1l5wJwAhYQNIP_HtFq9lE-nwGx0ssIl5zrMr_4lbupolNjit94Aib3nlwVaiMOazOqOqlvWInXn8MNW4jY6Jmb6s6xtrXCJXnsJNjMegt--PLa9767zoz3yGhN4fqWo4SdE6EK8D0pEFoVl8lgG7v0rY6vM6eVLOicHfpR6KAU8TruKG0pEUCJeES4gWTNc2K4z1fRChQoNnSrMRG-k94vE0JnzuqMfKIWtLswfMYxp-KHyEYtZ4yIB3LKTf97YFCUSVwtNqaLtAK8pzf4faH6K5Ab2Koh7zJpP_abLQtLsGWtfVr0h9kBL6p6Z2bgbnjPKdfNeiQHtv7R94hN37KFf7IpIZVa2MPdGwGNfoOdKUBoAfaLhcYqrbPWS3vgVqpl05rjMo0vB1z74v6YcTfXvPAp0AmN2g2qwfyC3tIOJUPcO74VDqo7FvPzr7gnOV6vwDaeebOVM44Mw4scvsQ90FqNWmyc_xzjUMmZaMkmfHRIr0zfQUToeLLoL9M0MQVV35BgiuvDKCc8WiNFAYMlnoBvkGd3AWVrj0lQOIOQ7vfUCUX0EwNSLzqmPgbDAm8ha-TVZhkFItrDtyJNDrD_dSzSwTEWDUnTA-5nkmBN-TqWM3YgnP2IyIXztvUtlLt5-kTDZwUWRz5L1swomp6WieSBGA8wBYutjNjJm0WaYMTjeIAHD2QjZLFHs2EmQzARO3xcyxKP-5mSvqj3c7SlMK2RpfvthGHeAMDSoxk46gRnqVaofTKAcxPfWrEfOZ-9lmr-E3Z_YooDMiq4RE3qRWdk-Z0wpx2-zaJUpATkLfTl4E4vEG7dk-vqB_36ENSB4ugXg-86ERTBPBiqNDq987991ip4EKucSg2Ow1SfOK4gdZqUKg29kF9WKuEfP512KELbj1pNE_2jCt8T8ZTPfLmaTAtrBmZpMaC2jcDOklnA1RV2NJ8hH04GDgwwuF9BOneb8zGj8YYUzJplG34lDtScTwq6hoYwMYg7VePSLM7CQR8BXw1NqioSktmmphFxlWlH-sfw3i1p1Y2j3HxOkKHbci3hRaSg-NiLSxgpd9U1TL_eXbQILSLh1JAThoXpBHZL8w5DWakz0RoBgLKKS1XydqLqCQNU9ZzIn0N6LvnVrA74GYyWEDmcAXfSKuMndC0bXnTe5BfZ3vXIkQ2pMpx500nPTQErwYF58v2_DGgimvp2U9dvgNzKnwxJGAfZlRFd8ThGM8F9dLPd5GjHNqlN5LPyfjtQkmuDFrzCXp5ITCMFerLNEDKeiPD0427PovwPmbCr3k1jcEVLNAZiwxmGVRzbYPVGUm-9YIzAy3QQ7Dj2ic0Hq8RNMQzOfIDtdYeY2Ol5OcBvdUfswTcK4UU58DUVaIRQfceC3LwbafSKEy1FnWA8IHh0PhniqUr1q4Br8T0jVLlrbfMmSO-JdSLMxFfaVpbxLS1jhHRxa_HAl6Ip9cz6r8bOK7goGn9h0pC8PnmMykLxuhWh4PEG-NwxZjLtQw6k1dbVY_2neRDDzHwQjriJp0UPoKjrfai7Au2Spr67WaBCUAQgk0YTxBMqD0U70SuiEFWjE_kTAK95AGshRFRZmZHdK3mu0NouAFm5x_Ssy5nkT6hCMMP0jTb78G-yy6ODhvBsDKVpOU2fX_NzPxwggcUbjqqykEa8FMGTRJN1H1ucEO3YwNmfFvSq1bVh1FZqbHCgNSbL6zdUnIfoo7KIf7Lg0caPZXjQmunMVE8PnvzzUhTIPfnCtOomVxhkcNaCCf_p-buqagjPmDI5fNkV0n8JPNGGv2u0m-iWIbdLmKaFbtmwwD8Moc9psTfygU_ulSuGiQdk-cwFNEl4U48e2LLXZbSJkUrIBkUL6--B2S8jxGLzTLdTY7ZXabBdCGlHjODEdotbf-4EzOPw6HVS_Z0gonJdQHMyx4XWMy0S-dct5M-RRqb0UNlBO5qGuOOZEu5FLaEbMoNhIdn0U3DnaTmo4u5G_2Qg9X_1I9Eugy_6SUfuGCN1wMFR9OrKurUyK8w6herm6loxa5vzR-1qidU3fB-tuGOqcESHv471GShiTKhYBa8aTAbHBf3yYlLi4AgVpPNyalqV-wURGUCeYDKkpap24JujCJWCpiVdW6Iq9TlUVGup0x2JIKQ5nhKbLhevvYJ9S561q-2E7yzHODy&cid=CAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw&rfl=1%2Chttps%253A%252F%252Fwww.urdupoint.com%252F%240

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe2ec2b1c26f835e104c3ef4d6c2ac3d7899c23c202a340a9617159bb59f7f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFAB 42 B
63 B 42ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CoERbGqz50QxaltLE_mY_ufxZjDzQOLhVuoxVSAsHz-Vd3zwPIsHtqqj2Pn7jKySd_c0TwF6MkWK_FrCQ8nWX8ZkW9eUab2-SC9BY_ZIDb174bUIw

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame FFAB 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:38:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFAB 124 KB
38 KB 110ms
106ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame FFAB 15 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:36:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 532A 0
0 60ms
56ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMN4KIeMCYuTdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSWAk_QM_rQe2YJEy8zC7LWMUe5UOlGfl1eK7JNnZ5dCa48aA0toHCUVzkws1YemD30I2YMB5H9q1ukE-doDnj7O9gX5ne2IUaFqmSdFS45nYpkymz1kFnZ5IYDW0AqifU3Jjnc-w0Kej3Kgs6gV-w0ENCb9ghNk86tT75bqxNTmeC7eJHUf3cNv2_hqmqLrr7jnmUnuHMl2avx4imVDZVdWmrm8x4nG2Zf32S0IghXdvrhSHnEN3f9f5QqTkij-1O4CghNzozzRyVn19Moe53N0XdRysN3d2OsNudYzby9p1DNLDI6pcPDDJKbl3PlrNgmI37cqhGN6U3mIhUH6Rvl_QCT_Fd0O_z8XDlNAI8GLFy38Z-zmxPG4AQBgAbyiKW9q4Lrh8kBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg4MDM1OTUwNjk1NzA2Nhiu6xI&sigh=wVIHXvEYDkI&uach_m=[UACH]&cid=CAQSPwCNIrLM8u7qGKSM2vUZ9HK-X0E79jLCT_4VxKvKWMKbIN0CDIX8VuYjwYBY2jXrUBph9WV8BFLNEcrtD5BwaxgB
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 532A 0
0 52ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uqr8Cuv_CsoH-gGdg2ICAgAAADeAPY0FjOUK1nkJVhAh4wJiBGmXuD4XBzR5FPgAEg&wp=YgLjIQACruQK5VSkAAxKb4D8OZGruILaEoRiPA

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 195758
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7E80 181 KB
55 KB 176ms
141ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruQK5VSkAAxKb4D8OZGruILaEoRiPA&u=%7CKRsYBkgTaOemT8TvUVy8DChR1b0jpsvRmUhzkURNoak%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcX8JuE2Nok2HCYuMm4Kp5oz49sKanr2hO_Anus_7YH6kRHH5_-6Llhj8L2XUSPPbvEDH_dm7Dee0tmNncCrclMwAzbWRGHtVfu_2wv7ChKG6s1yuWHEqkjj7cH9fA7Aftq4KOhSwNp8LHeYLF9VLpLjf2OE2U2B9M6s2Kv_kDzJPujz8m1q49dZB2xaEu3MjszgIci1bb8IRk5aqQ9BuP-jJDNuLKZ_JWY3u3o5hJgsg9OvnAWEfofN7rXqe_7fAZXJGBDW1hEjW8pCjxQy1XSiGe9vdQ_vb-V8Phyjd6ILhhGdCn2ENbbO6PUvvodfLhGe9Cyh29ZAKOfabfx7vOHbw1THC0GcESFaGc3RJ0I6HhGuwwGV80MdXayfBRVdxhHKNm_ILyFPY4WhmGs7EiPcCqarlAoPk8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL7nxIeMCYuTdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSZAk_QM_rQe2YJEy8zC7LWMUe5UOlGfl1eK7JNnZ5dCa48aA0toHCUVzkws1YemD30I2YMB5H9q1ukE-doDnj7O9gX5ne2IUaFqmSdFS45nYpkymz1kFnZ5IYDW0AqifU3Jjnc-w0Kej3Kgs6gV-w0ENCb9ghNk86tT75bqxNTmeC7eJHUf3cNv2_hqmqLrr7jnmUnuHMl2avx4imVDZVdWmrm8x4nG2Zf32S0IghXdvrhSHnEN3f9f5QqTkij-1O4CghNzozzRyVn19Moe53N0XdRysN3d2OsNudYzby9p1DNLDI6pcPDDJKbl3PlrNgmIzzei4MKZtH1nYkTSsvYW_ia6F3CMdLk3o2FPSn0k0Kb6RoZHwB5HI-r4AQBgAbyiKW9q4Lrh8kBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ll8rpT37pb0NMFh_2BhFOd7MRcw%26client%3Dca-pub-2880359506957066%26adurl%3D

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c4c1f8329e7dde62ace7963768827dabea2232c322e13d937fa6ad2cdfcd0063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ROXHci7lkg5pidaD9RQpHO4Lwdp6kgFS2ZPRAQHNb4k0Om6XMJF1r54J9YcKTFS2_6obRUvnOiynavodFV8dz5aSx5RQpJDzalb0rQzZOuk03d6dqho83KFZLTazGT-02xb1EOkdjRj71ycYrS34RB6YooAIC7tbzZ8h3496RBD83QJcCInayo4pAhcgSSMJyUMm0D9-Yh2BE26QpRrFUP21MqpSLE6usrauZQeFLLBadDQzgaCPAKQYxY92NMteTRKqAw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 117133393
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 532A 2 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:38:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 532A 124 KB
38 KB 106ms
102ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 532A 15 KB
6 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:36:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 532A 0
0 40ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ32UFZonEAjWQB569w8PfmAO3-BEFcjxNSacbi9qKZICxtlWQ5wxSKYREWz7VFLvHk1HW2PXjFq2_03EiZlZKqiaxKnQ
Requested by: Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 532A 22 KB
7 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:03:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 14:03:10 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FC84 0
0 55ms
53ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxgXEIeMCYuLdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSZAk_Q4oGJy5QGd9iwnXC0QGL5JMLrzTpZrQYjibKLMJJttyVeNA5bRjkWSYvZt5vxhM1srmy5izEzUUyhx5LPFPlLkw3ol6SpFDVdL56DGkbpXyrNjkzk3ycqO5aMWR3d08_O-u6xCFM3X7MZITuW0VNKBfE5e-OB0qIgNrxZkOzTzThNCrjYx4vaMkQyXrKrsM6jBV_XOkr0HU6nOeo77BLIiBudXE0FZkOFbaHTtyXjr2EkIPVJK0c9bLWsG0EPaAeyBBBqMjoCS-FM4CF2_McKSwJneHRt4XpFvkWXfvRDCiuMb1xdNtdDcW9IR1Ak4gvX6Jv9r-XMHlKj_CBZlLnf-mxSQMTQrhaF4PG9MnErTi49c4NUDrZt4AQBgAbyiKW9q4Lrh8kBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg4MDM1OTUwNjk1NzA2Nhiu6xI&sigh=nM2h-9XYvhA&uach_m=[UACH]&cid=CAQSPwCNIrLM8u7qGKSM2vUZ9HK-X0E79jLCT_4VxKvKWMKbIN0CDIX8VuYjwYBY2jXrUBph9WV8BFLNEcrtD5BwaxgB
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame FC84 0
0 49ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uqr8Csc1rAL6AZ2DYgICAAAAN4A9jQWM5QrWeQlWECDjAmJAPksG-VFU5qLnXgAS&wp=YgLjIQACruIK5VSkAAxKbxhg6TThnFcUvODZoQ

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 273339
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3DDB 177 KB
53 KB 201ms
170ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruIK5VSkAAxKbxhg6TThnFcUvODZoQ&u=%7CKRsYBkgTaOezqm5Ynu7fIZki9tKU%2FTA3au%2FsaKD7vdk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2BDP94ms9lfiEN1F7qYpgGWWkF9lIHFV4AtrLB0CJGs7B1lIaAAz0gWh_i17wBKCal5W0QPbfNWe7BzOmyAAwwiTRy4LzxjqP_51b9xvuhMob7m7Ooavjsh689u5qy4Cq8oiw3WVYBHvjHckZFcXQss_Gi-Vnnep735aeXMoNuw0FnmrRvWhc-np6Pc1Jw9Z79uvoKjJTs0jUdTjelfbIJdbnmLGwxb3Qu3QHbPwUvt8jr9FlPQWnGb_iNyfatYZ1C-0CvAZnKUaQTU3-hjeyj3c6y_TZk-RjqcJi3TFu403ybRYwULHkEtpebWdVMjAlWK0CrTZdB74BCI_27bDoBKfcPhEYMx2upU01vbvlSmAI78kmxliKfmWZgAsgSbE5aILaD-D4y3rWw2yT0uDQ9Id9rxXrpSmo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9IhYIeMCYuLdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgScAk_Q4oGJy5QGd9iwnXC0QGL5JMLrzTpZrQYjibKLMJJttyVeNA5bRjkWSYvZt5vxhM1srmy5izEzUUyhx5LPFPlLkw3ol6SpFDVdL56DGkbpXyrNjkzk3ycqO5aMWR3d08_O-u6xCFM3X7MZITuW0VNKBfE5e-OB0qIgNrxZkOzTzThNCrjYx4vaMkQyXrKrsM6jBV_XOkr0HU6nOeo77BLIiBudXE0FZkOFbaHTtyXjr2EkIPVJK0c9bLWsG0EPaAeyBBBqMjoCS-FM4CF2_McKSwJneHRt4XpFvkWXfvRDCiuMb1xdNtdDcW9IR1Ak4gvX6Nn_jndLkc6wQ7xNN2niXJRbVM5mpDidYkV1D9fZ8TARawb-iqXSWcsU4AQBgAbyiKW9q4Lrh8kBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dE_izS2duAk1X0pkPwAXEuo1V1g%26client%3Dca-pub-2880359506957066%26adurl%3D

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7587ae342ea6ed02d05f3d27ce6227be22ce2c2d124818028701fcbc70176cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vLKaui7lkg5pidaDM-EAKcdWKP4QwCA3bwdywMe2tz2W5J0lIpf3hBJj1Iw2E0oYHjJrPQZsis7RuHo_zxVnQWyEoahsWYD_4DmNLbZEW39hdUYr8K3P02tsHarDqfHRCTSsvUn4UC1zrI-ZQf00uwBLjVD79ZgFVeLfbvzWGUsXSHPc6fcf28qMIisV8rhK9X4xeVdSfVU7WYbWz5tPzrGUy26zszu3kDaxGl8Y0SL_ApjAtZirBke60nq5RwTaky7ZHQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 128747315
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame FC84 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:38:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC84 124 KB
38 KB 104ms
101ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame FC84 15 KB
6 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:36:22 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FC84 22 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:03:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 14:03:10 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1683 624 B
422 B 42ms
19ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWRjbjWNvJLlMHNg9FxvP9X9DPK7UObyCmcUrIrVmNGjla0lTZ2_afnAvvV9DHLmEEnAsP_ZCCAalKzu5TZjpnYa1fj0HeD_PS7xeR5HFhW-9qexsbSzreT9jxAoEUmFxNOoKNb9tlYosiTxSV8YDx3hkd0ihBEhd-VMgOaoyIS1yY_fNQ

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 08 Feb 2022 21:39:45 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 21:39:45 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0B4E 26 KB
15 KB 63ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxekZmLpAsYVjq_xCd64c9VLWM1t0B5LWytCDd3dcbql217f2OEcqkJAg1RGoqUW-RMFMjW1uObizbDLJfIcYmogX068tmZp-TBKpCk8ww9O6sMgJUn_frR2q-FnbHbvaaswKybM6JgBppYVd5ixo5-6XF2g&cry=1&dbm_d=AKAmf-DJmSYwruIxCKJsnhGDzSomVW11tOqq6ccrs4o0g1_2_msBmuGGO90Hfaor5-LoO85kP5HJAC2j8QogSjZEf6MRx7JTvllOvWszo-gx34Gj6G9LQUj8GqnMh3SfkYNLw0PSmJ0B1g7kxOYxr-_0in4d5LtQ3Epy05zmswD_uUYtM12TFZBWOGha0tV0UHfaQvLPS8bDWjcTElRG9MEBxs1FKViVPBCfIOSdiycVSTNdveXNxj5wLpzf_N1ESlclZ5pmUpvi-QagonPBQwFDMHjkc0XgLp8GcnnZOmXRWX2zUaDZtl7XPKas9sTWogOltrn6EXi7uohgT25Ek5WasyC0HUnUWmw4psQgRRNoebRWafmU2bi87bbvhJ7DV7HX6-04Yi09275XXx1SVnOYJ60Hk981WrQYZ6XgSfFAYlSBu3ri6FrNJ_PlaaRWQNfEkww6E09bcQit29dAQtED2ytghaDMFk0wDqu1FIwUvGj0M9HFo84TnBFcnVWyNtHcdi3ECW0cdkMyFd89bkb8-WopI2hKPkIADSPr3puhBTN3BNgehw9AwzkuLh_javstUpYTUg-gcYkeHveX8VMtItvRQaiIW92ygLAevmxvpv6pmP_qrjOUGUaDuxf-Pw_3o-tO4V8rLQZTL60sHmvOhpJ_22yMG7eMVWWCrpY9f3OjG6SmIjDG1bNeHCP5BBqQomTaYS-8Kw_mWL2sfp8j7CKr5FZF29h4sVFcG63_5ZNv4ypYzBCnKZuaPR1xxlE6zIZnMYkZn8HCLcqQf9KzuxRsieIrco7Vx0qBkbpR4_EnajzYzEPOjW5YQKdB-8vGXz6z-TuF05qtWoQoab1xogfy2hhdxz-nAJfVAg8c1Fvy2Uo4WFxCI86N9srlP0EJ9lUkfdd2OyKkyjNJ0U4ynCiIlYmy3uFDHsZkEGrENiOpHB3wtv2dHmtk3YiSTnYYXchEE-rhkhTKaLmRZ_zi7VYUJLVcyy5cLycdFiq-4hNJDPI1xlsNLLJbgPZTewlWx21gMER7r0xNBJja18vLBXcR9a3E7XtXBwiDYphiV6WNf-pUtw1owQdl8UzsAAV8y48j80FQtsWUTwbbGFlOAaQO_vYLG5IsCwccgCGSBcB56kxqb-V4eZwMpLRZaS_dp_DAXKyK9r3YbTXseU2XQqxT2XEctTQnmFOJ4gBsg52przKjYfVUP1Z_tOkYVcd3FjfXQgETi7Qm1WoqrixQu4DWJzSd45gS_gfIlcjZ-8DXos0gvxX6UYwtx3ZimsFaBPsOOYbtpCJkxY8OFC-29gyq3_Y4UjtmxCie8MT48qyc8BIr8YL0uYM0dAv00i9z748EpaZfe7Pzntfr6oBV0GLEL8wE-7Sur4YHOkiMHciTPolYEssQKDrIqsbR_ohwzDS98of81YXrrxUnEcPSMuFCql8OLb3ykcYbRYA4urXlAwSv0zJ_4-7ehEESPgSak1T4Ew2FPHVP9_70_gK9CcccliR3zGXLHpzXSA3duXmxM9FSJIjucucaqEJXaoNXLmVzbwymwx3E8wcwshgBQ985cspOQv5tYQNopBmxZjDi2VkkNpvfF529wJnkIOz41hOX60lvNTiV_w4EoeXR3H-BokulE1bq4C7sOdRwxaXp8OHbKW1pmek_oNlFr5QjvCeP4v_52Qqmkekyko1QReb_R35i4BJ3xtlKmGWt-FqDbhVLOPQ-mBHEDQGGzMsefhkpP7jwDMWv0RTcT1wwEnv_Pvx5h6julxHI-5G6uFthLgQMz78Cc8-RHWjgcqMDY3UcYippDFrCzPnYvgI2ILgyjxb0ndkXDVPjXk6VIwrQH93ViL4Xj-jMxJadwG4ktXVrPOYwy4uhd0ssne-pLa19SCY3ESDhcRFGRjLNQtJM21-Z22S5exGzPCWJ_UwFTKFJXeQ8YuPn1CpY5H44k2Lp-t7-gWrH2txHe3cDPW9UqWIMFMOY9VBnFQc1GumnzXyWavraNlzF159elSKGxZ2ZW5Ro8yG6hXWcQC9Ssl3MIn7Xy6EWYbi3bC_aNgsHEG-mQZGO0Sjbb3qU1TKCtVFfaQIXk13uxZ66oJZpt6u4X67vkNwgVqWRyrV-q8-ztou9IkqWFpkSgspMgl2Ek0agazSH1D1KaxgR8Olm47ShD-nGT2mrO1ydTL4GQWhoPn9w9gpf-WB88r6cM4edHvF3An9IuCkCKt-hWyg5B0IGaYlk1m_dSSaKvAysmVgFR__zEUVUu37IuBQAuuxKvBVsuuAQIuft6vIWYgvnsHMUeEgmJeb4s2xuEMwoTwAA-4SOV6Bzgs7b6y3tyhGADmb7oUZ2y1x3lv-7Jdd449H2IAmTYNGsOYrCHb-y6RoRMnHvZlnmMs7I1GjfsU34rbo_CpdFSvovCNg8tMASbYG28iqLNerhbsUY9dmLTdyINhh-nB1PEXfo6zh_WoZnUUsEvRXjo0qJHOSxHzSUFCc_Fdgr3ED76e7HCM5JlbWD_i1iJsJWSdIatfA_Fow44tjUDRaa3JyQuN_yCKG9yW_dFNdP-lJVKQVDni09aHZjNi2J4qa-qd66jo_E6ZUPu81B30HdJJNA5xFG9279J4vBGTIEQ_5gD_D0Ia45Ue9hDQYd3A5vGR_paVeai3XYkVuxGrGnrTWyNiDyzr7THe9qPVawNA2qgd5cG4V5qPNpTXGPW_pvPSWECg9AvnMhZmuNgHRR4lok4JfPREyrhQJGJbCyYJM_D0Mkk5NH6gZsLkfOknOIwAZKVnH7unSnS-jYK3C7r6sHKIHAbzlGQtef-w4pt-yIgpJRxjf_MAmOcnnNBNNIAe9puN6ySPS7XR5UWilPDNkkzxLAHD5LRqk7oZfn4EGTq9W1ghH7Ycer-_EesGDf9RafyT8X4AJikFDHwapBRrXxPNog86csHM04-1nw9VneNaMq6_IifDlSlEbjhjLj9plpLMBUTJC87bV4siGIpmFwbUBVTmpLaZocXg_2Gc5AEE8xqNoiEqLElhTR8sLhqzdlzMonX2P52F6U_97Ncbwf1Nue6-UmUcwqv65d7uXvL0kJhKFRGENifAFB45aLIlAZTmnpLHtAXwabPdxsUxrYjpOjTaOTAWPwzAbmh4GnQSXYCAiHacTqET9frGScXQrOrWDlQlj-hOFOKFOXOoxxu4kDdXMguro9WEI2S8QM4FQCesF58WGQwd0LkqPHpD7SxmMr6J6g8xs6KTARWFZKPmx_fLl654iLXHNTM6X5wVZ3jP5HTjEd1k-74Sct&cid=CAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw&rfl=1%2Chttps%253A%252F%252Fwww.urdupoint.com%252F%240

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12c6f778dbaf0eae10c63648b5dd184ddd98669b002a0cfe3873d6a8750e5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B4E 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwPgTzXdqpm6tdylNGRv32dSCgHLwBg6HcpjYSytQNLSohUN-cbKIfQLwvAeA9CnQjoBOhnZLWq4GGazFqfnL5ebzykxqUfFUgEj9aNzReVuWUR_k

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 0B4E 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:38:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B4E 124 KB
38 KB 99ms
97ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 0B4E 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:36:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0B4E 0
0 33ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeW8V0eJqWZpzqNXVkqmwV73enIecSdO_Cgoq55uW0o1KgxvYlrtcwKz5qoZCAZVxG7PPv3Gt0YboPVmtTn_igwHVMSw
Requested by: Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/12215020896957378681/ Frame 6F03 18 KB
18 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12215020896957378681/2076313506083323656

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be821ef1e8c83fe376f72c9dbbe917eb478b4ff617b38f69f73e815823b1287d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 18:37:24 GMT
x-content-type-options: nosniff
age: 442941
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18111
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 20:17:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Feb 2023 18:37:24 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14916053630362820095/ Frame 6F03 3 KB
3 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14916053630362820095/downsize_200k_v1?w=100&h=100

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1d3ea730d2e6e702970869a8b50073055bafa67a6916dea1370fac367cb6bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:50:42 GMT
x-content-type-options: nosniff
age: 467343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2741
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 20:05:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Feb 2023 11:50:42 GMT

GET
DATA 200
OK truncated
/ Frame 6F03 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2de7d502d6a14d64bca867af7ad23e7cb6fcf20560ec9e05f5499237753c2a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6F03 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7789d4994da7ca572d4e892c1531b14b73f912a9acb44e0df142e6bc1527db1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6F03 15 KB
16 KB 48ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 531806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:56:19 GMT

GET
DATA 200
OK truncated
/ Frame 727E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d80efa05ba9ccfea943d525319f03e396544484e02ee478c70b231ce956f594d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D89A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d237c54b787a979f77424c2dd83685aebab50988d8f1123d118a341b903d29b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/ Frame FFAB 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Awts4vOBLGPWe4YEeA0N2BJtj9VRcSjMny7Qt_t_fv1d-dE34aaIwvC_2-JrfTss6bctX8GLGexpJquFYXBDBoMm_8G1FhbhRbXfTMTASVDazJGWDEmCPx2PETc0zVMN6JwAOD1itmFA_FtA4SUQNIh7b94w&cry=1&dbm_d=AKAmf-BtNOivWSZLRWZbv7NYjMM7Hkir7iKG84uii57tZ87-bpB0DMxb0pugkQHxdzhFOynNv_LMrx0XiB_S6tG9GoODd3Tay0P2ykUBNaP3TTHKI8LNKjN_kRDJY_GmQ_c_8RAvIu7q07INvmR4ThlUu6Ymim8bbhSfYSoh3Plqvy8ml0lyldjM00DLJFTsOjTwygo6FVb2BBR-ZaksICv_It0XcIYqKOBiXS09YQiXa6xbJqVGg7igezNcZqgFxreJT3LCWFf9p4N3tuVV9e_44RUmInevBEqoCLA91HRsZw5CH5LqUOX_dE_udicxhJbGDYuAwRPlKfdcg8doF0eEJMr_3A0oX-8kJeTWeGSkhZ9eSIIilJ2e_OOLJqe8uKcnDgA9qZ3sJUXCVTLmLyzXMJs_VYHNdtH32XD7MpNtjJEV3prgZjmn7Wpr8gg42QyGHrxUz5vGNrHwQHaljmCq83KivK_bdP-8Tc8F2vSmu4-WTCszcxw-XMU4CnFFzsQ8ejTvqMXXEqV8n-6jjCXFJ3x_5svVPKiJ4IC11aCip2jJP0auqaA6y6JD5aVON15d--MoQDbZy4FYdYq0QDXynt8ibAbnlK2en39rsnxqhSo2WjoZ9FKK6FoxbXp8o1nJXG-kcE_h3Znyt8JmyUE-ieRh4agfCCDNklcjj1A8tgSvPKI3u4xieKs2AIy9mQl9LGnKLvDlbKamgfJdEybQ0ORD98Y51UdPpDFszDEwgNch9kRzmlZ4PLpBA2tiFil1y3HmZApCjfaoqqUw_Y_Wl55d4_PjOd-RaxqIpJ_13rFhW3eTVDONammPZDRbJzm_O3ireV3BM931kx2DaaPvx-OMCIbGD9nbQ0TVR7PSV_CqP5YiecL267Vr2RW45H0QG6iWUPUu6ay2ahm-l9x7bhRJTzjIcmxk8lDRXGJvRhmK2Ovxe1h_pgYCOSAqqI5k3LfwZY-kbgvkTXpcVVGWl93h6_uzobRNzpz0w4K12WVVKDuSlvWFntbeKVTDu4c0aksjJi0urWMaWOiJiu7GkPa9S3X-yeprHcvKYcPkArL5-M1aY-9EXwTLHz-fQR1U7ViuqfyQUj5HnuO1l5wJwAhYQNIP_HtFq9lE-nwGx0ssIl5zrMr_4lbupolNjit94Aib3nlwVaiMOazOqOqlvWInXn8MNW4jY6Jmb6s6xtrXCJXnsJNjMegt--PLa9767zoz3yGhN4fqWo4SdE6EK8D0pEFoVl8lgG7v0rY6vM6eVLOicHfpR6KAU8TruKG0pEUCJeES4gWTNc2K4z1fRChQoNnSrMRG-k94vE0JnzuqMfKIWtLswfMYxp-KHyEYtZ4yIB3LKTf97YFCUSVwtNqaLtAK8pzf4faH6K5Ab2Koh7zJpP_abLQtLsGWtfVr0h9kBL6p6Z2bgbnjPKdfNeiQHtv7R94hN37KFf7IpIZVa2MPdGwGNfoOdKUBoAfaLhcYqrbPWS3vgVqpl05rjMo0vB1z74v6YcTfXvPAp0AmN2g2qwfyC3tIOJUPcO74VDqo7FvPzr7gnOV6vwDaeebOVM44Mw4scvsQ90FqNWmyc_xzjUMmZaMkmfHRIr0zfQUToeLLoL9M0MQVV35BgiuvDKCc8WiNFAYMlnoBvkGd3AWVrj0lQOIOQ7vfUCUX0EwNSLzqmPgbDAm8ha-TVZhkFItrDtyJNDrD_dSzSwTEWDUnTA-5nkmBN-TqWM3YgnP2IyIXztvUtlLt5-kTDZwUWRz5L1swomp6WieSBGA8wBYutjNjJm0WaYMTjeIAHD2QjZLFHs2EmQzARO3xcyxKP-5mSvqj3c7SlMK2RpfvthGHeAMDSoxk46gRnqVaofTKAcxPfWrEfOZ-9lmr-E3Z_YooDMiq4RE3qRWdk-Z0wpx2-zaJUpATkLfTl4E4vEG7dk-vqB_36ENSB4ugXg-86ERTBPBiqNDq987991ip4EKucSg2Ow1SfOK4gdZqUKg29kF9WKuEfP512KELbj1pNE_2jCt8T8ZTPfLmaTAtrBmZpMaC2jcDOklnA1RV2NJ8hH04GDgwwuF9BOneb8zGj8YYUzJplG34lDtScTwq6hoYwMYg7VePSLM7CQR8BXw1NqioSktmmphFxlWlH-sfw3i1p1Y2j3HxOkKHbci3hRaSg-NiLSxgpd9U1TL_eXbQILSLh1JAThoXpBHZL8w5DWakz0RoBgLKKS1XydqLqCQNU9ZzIn0N6LvnVrA74GYyWEDmcAXfSKuMndC0bXnTe5BfZ3vXIkQ2pMpx500nPTQErwYF58v2_DGgimvp2U9dvgNzKnwxJGAfZlRFd8ThGM8F9dLPd5GjHNqlN5LPyfjtQkmuDFrzCXp5ITCMFerLNEDKeiPD0427PovwPmbCr3k1jcEVLNAZiwxmGVRzbYPVGUm-9YIzAy3QQ7Dj2ic0Hq8RNMQzOfIDtdYeY2Ol5OcBvdUfswTcK4UU58DUVaIRQfceC3LwbafSKEy1FnWA8IHh0PhniqUr1q4Br8T0jVLlrbfMmSO-JdSLMxFfaVpbxLS1jhHRxa_HAl6Ip9cz6r8bOK7goGn9h0pC8PnmMykLxuhWh4PEG-NwxZjLtQw6k1dbVY_2neRDDzHwQjriJp0UPoKjrfai7Au2Spr67WaBCUAQgk0YTxBMqD0U70SuiEFWjE_kTAK95AGshRFRZmZHdK3mu0NouAFm5x_Ssy5nkT6hCMMP0jTb78G-yy6ODhvBsDKVpOU2fX_NzPxwggcUbjqqykEa8FMGTRJN1H1ucEO3YwNmfFvSq1bVh1FZqbHCgNSbL6zdUnIfoo7KIf7Lg0caPZXjQmunMVE8PnvzzUhTIPfnCtOomVxhkcNaCCf_p-buqagjPmDI5fNkV0n8JPNGGv2u0m-iWIbdLmKaFbtmwwD8Moc9psTfygU_ulSuGiQdk-cwFNEl4U48e2LLXZbSJkUrIBkUL6--B2S8jxGLzTLdTY7ZXabBdCGlHjODEdotbf-4EzOPw6HVS_Z0gonJdQHMyx4XWMy0S-dct5M-RRqb0UNlBO5qGuOOZEu5FLaEbMoNhIdn0U3DnaTmo4u5G_2Qg9X_1I9Eugy_6SUfuGCN1wMFR9OrKurUyK8w6herm6loxa5vzR-1qidU3fB-tuGOqcESHv471GShiTKhYBa8aTAbHBf3yYlLi4AgVpPNyalqV-wURGUCeYDKkpap24JujCJWCpiVdW6Iq9TlUVGup0x2JIKQ5nhKbLhevvYJ9S561q-2E7yzHODy&cid=CAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw&rfl=1%2Chttps%253A%252F%252Fwww.urdupoint.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1abe7fbb028cc84f7b5374497875436a3d646eaf988f5e1cd62f63bdf4772605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 17799145174670003773
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:38:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FFAB 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 06:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Feb 2023 06:12:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/ Frame 0B4E 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxekZmLpAsYVjq_xCd64c9VLWM1t0B5LWytCDd3dcbql217f2OEcqkJAg1RGoqUW-RMFMjW1uObizbDLJfIcYmogX068tmZp-TBKpCk8ww9O6sMgJUn_frR2q-FnbHbvaaswKybM6JgBppYVd5ixo5-6XF2g&cry=1&dbm_d=AKAmf-DJmSYwruIxCKJsnhGDzSomVW11tOqq6ccrs4o0g1_2_msBmuGGO90Hfaor5-LoO85kP5HJAC2j8QogSjZEf6MRx7JTvllOvWszo-gx34Gj6G9LQUj8GqnMh3SfkYNLw0PSmJ0B1g7kxOYxr-_0in4d5LtQ3Epy05zmswD_uUYtM12TFZBWOGha0tV0UHfaQvLPS8bDWjcTElRG9MEBxs1FKViVPBCfIOSdiycVSTNdveXNxj5wLpzf_N1ESlclZ5pmUpvi-QagonPBQwFDMHjkc0XgLp8GcnnZOmXRWX2zUaDZtl7XPKas9sTWogOltrn6EXi7uohgT25Ek5WasyC0HUnUWmw4psQgRRNoebRWafmU2bi87bbvhJ7DV7HX6-04Yi09275XXx1SVnOYJ60Hk981WrQYZ6XgSfFAYlSBu3ri6FrNJ_PlaaRWQNfEkww6E09bcQit29dAQtED2ytghaDMFk0wDqu1FIwUvGj0M9HFo84TnBFcnVWyNtHcdi3ECW0cdkMyFd89bkb8-WopI2hKPkIADSPr3puhBTN3BNgehw9AwzkuLh_javstUpYTUg-gcYkeHveX8VMtItvRQaiIW92ygLAevmxvpv6pmP_qrjOUGUaDuxf-Pw_3o-tO4V8rLQZTL60sHmvOhpJ_22yMG7eMVWWCrpY9f3OjG6SmIjDG1bNeHCP5BBqQomTaYS-8Kw_mWL2sfp8j7CKr5FZF29h4sVFcG63_5ZNv4ypYzBCnKZuaPR1xxlE6zIZnMYkZn8HCLcqQf9KzuxRsieIrco7Vx0qBkbpR4_EnajzYzEPOjW5YQKdB-8vGXz6z-TuF05qtWoQoab1xogfy2hhdxz-nAJfVAg8c1Fvy2Uo4WFxCI86N9srlP0EJ9lUkfdd2OyKkyjNJ0U4ynCiIlYmy3uFDHsZkEGrENiOpHB3wtv2dHmtk3YiSTnYYXchEE-rhkhTKaLmRZ_zi7VYUJLVcyy5cLycdFiq-4hNJDPI1xlsNLLJbgPZTewlWx21gMER7r0xNBJja18vLBXcR9a3E7XtXBwiDYphiV6WNf-pUtw1owQdl8UzsAAV8y48j80FQtsWUTwbbGFlOAaQO_vYLG5IsCwccgCGSBcB56kxqb-V4eZwMpLRZaS_dp_DAXKyK9r3YbTXseU2XQqxT2XEctTQnmFOJ4gBsg52przKjYfVUP1Z_tOkYVcd3FjfXQgETi7Qm1WoqrixQu4DWJzSd45gS_gfIlcjZ-8DXos0gvxX6UYwtx3ZimsFaBPsOOYbtpCJkxY8OFC-29gyq3_Y4UjtmxCie8MT48qyc8BIr8YL0uYM0dAv00i9z748EpaZfe7Pzntfr6oBV0GLEL8wE-7Sur4YHOkiMHciTPolYEssQKDrIqsbR_ohwzDS98of81YXrrxUnEcPSMuFCql8OLb3ykcYbRYA4urXlAwSv0zJ_4-7ehEESPgSak1T4Ew2FPHVP9_70_gK9CcccliR3zGXLHpzXSA3duXmxM9FSJIjucucaqEJXaoNXLmVzbwymwx3E8wcwshgBQ985cspOQv5tYQNopBmxZjDi2VkkNpvfF529wJnkIOz41hOX60lvNTiV_w4EoeXR3H-BokulE1bq4C7sOdRwxaXp8OHbKW1pmek_oNlFr5QjvCeP4v_52Qqmkekyko1QReb_R35i4BJ3xtlKmGWt-FqDbhVLOPQ-mBHEDQGGzMsefhkpP7jwDMWv0RTcT1wwEnv_Pvx5h6julxHI-5G6uFthLgQMz78Cc8-RHWjgcqMDY3UcYippDFrCzPnYvgI2ILgyjxb0ndkXDVPjXk6VIwrQH93ViL4Xj-jMxJadwG4ktXVrPOYwy4uhd0ssne-pLa19SCY3ESDhcRFGRjLNQtJM21-Z22S5exGzPCWJ_UwFTKFJXeQ8YuPn1CpY5H44k2Lp-t7-gWrH2txHe3cDPW9UqWIMFMOY9VBnFQc1GumnzXyWavraNlzF159elSKGxZ2ZW5Ro8yG6hXWcQC9Ssl3MIn7Xy6EWYbi3bC_aNgsHEG-mQZGO0Sjbb3qU1TKCtVFfaQIXk13uxZ66oJZpt6u4X67vkNwgVqWRyrV-q8-ztou9IkqWFpkSgspMgl2Ek0agazSH1D1KaxgR8Olm47ShD-nGT2mrO1ydTL4GQWhoPn9w9gpf-WB88r6cM4edHvF3An9IuCkCKt-hWyg5B0IGaYlk1m_dSSaKvAysmVgFR__zEUVUu37IuBQAuuxKvBVsuuAQIuft6vIWYgvnsHMUeEgmJeb4s2xuEMwoTwAA-4SOV6Bzgs7b6y3tyhGADmb7oUZ2y1x3lv-7Jdd449H2IAmTYNGsOYrCHb-y6RoRMnHvZlnmMs7I1GjfsU34rbo_CpdFSvovCNg8tMASbYG28iqLNerhbsUY9dmLTdyINhh-nB1PEXfo6zh_WoZnUUsEvRXjo0qJHOSxHzSUFCc_Fdgr3ED76e7HCM5JlbWD_i1iJsJWSdIatfA_Fow44tjUDRaa3JyQuN_yCKG9yW_dFNdP-lJVKQVDni09aHZjNi2J4qa-qd66jo_E6ZUPu81B30HdJJNA5xFG9279J4vBGTIEQ_5gD_D0Ia45Ue9hDQYd3A5vGR_paVeai3XYkVuxGrGnrTWyNiDyzr7THe9qPVawNA2qgd5cG4V5qPNpTXGPW_pvPSWECg9AvnMhZmuNgHRR4lok4JfPREyrhQJGJbCyYJM_D0Mkk5NH6gZsLkfOknOIwAZKVnH7unSnS-jYK3C7r6sHKIHAbzlGQtef-w4pt-yIgpJRxjf_MAmOcnnNBNNIAe9puN6ySPS7XR5UWilPDNkkzxLAHD5LRqk7oZfn4EGTq9W1ghH7Ycer-_EesGDf9RafyT8X4AJikFDHwapBRrXxPNog86csHM04-1nw9VneNaMq6_IifDlSlEbjhjLj9plpLMBUTJC87bV4siGIpmFwbUBVTmpLaZocXg_2Gc5AEE8xqNoiEqLElhTR8sLhqzdlzMonX2P52F6U_97Ncbwf1Nue6-UmUcwqv65d7uXvL0kJhKFRGENifAFB45aLIlAZTmnpLHtAXwabPdxsUxrYjpOjTaOTAWPwzAbmh4GnQSXYCAiHacTqET9frGScXQrOrWDlQlj-hOFOKFOXOoxxu4kDdXMguro9WEI2S8QM4FQCesF58WGQwd0LkqPHpD7SxmMr6J6g8xs6KTARWFZKPmx_fLl654iLXHNTM6X5wVZ3jP5HTjEd1k-74Sct&cid=CAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw&rfl=1%2Chttps%253A%252F%252Fwww.urdupoint.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1abe7fbb028cc84f7b5374497875436a3d646eaf988f5e1cd62f63bdf4772605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 17799145174670003773
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 21:38:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B4E 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 06:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Feb 2023 06:12:44 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4DEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1&C=1

43 B
1014 B

51ms
51ms

Image
image/gif

92.122.254.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNXm2smzHu8LZjF07_xRzb7cidpDMaYy1WFvK0WxknxwqGocrxw99jSqPRnYpMrW4h_puSn7yZEUjKpYoTx7rqhTTG3CHPE-EMhbFnE-1MAL17qOuC1bP3ShXJ2maQqkOKnG9E6bRLLnmaTYgsPEN8Mj6oC7SZI44BlIDuG55YUTfyBJmrI
Protocol: HTTP/1.1
Server: 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Feb 2022 21:39:46 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4DEF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgLjIjzyOZ4dIQ6nWpMPQQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1

43 B
894 B

34ms
34ms

Image
image/gif

92.122.254.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNXm2smzHu8LZjF07_xRzb7cidpDMaYy1WFvK0WxknxwqGocrxw99jSqPRnYpMrW4h_puSn7yZEUjKpYoTx7rqhTTG3CHPE-EMhbFnE-1MAL17qOuC1bP3ShXJ2maQqkOKnG9E6bRLLnmaTYgsPEN8Mj6oC7SZI44BlIDuG55YUTfyBJmrI
Protocol: HTTP/1.1
Server: 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Feb 2022 21:39:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4DEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFgyjLeigPRQIBKaAk5n-sg&google_cver=1

43 B
1006 B

44ms
17ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFgyjLeigPRQIBKaAk5n-sg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNXm2smzHu8LZjF07_xRzb7cidpDMaYy1WFvK0WxknxwqGocrxw99jSqPRnYpMrW4h_puSn7yZEUjKpYoTx7rqhTTG3CHPE-EMhbFnE-1MAL17qOuC1bP3ShXJ2maQqkOKnG9E6bRLLnmaTYgsPEN8Mj6oC7SZI44BlIDuG55YUTfyBJmrI

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e19b75de-31f6-4085-b475-70808c9df01f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFgyjLeigPRQIBKaAk5n-sg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DEF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2ODA2NzY4MDU0Nzc3NjgzOQ%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2ODA2NzY4MDU0Nzc3NjgzOQ%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fadd4310-1cee-429e-b4fe-602256f2d94b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2ODA2NzY4MDU0Nzc3NjgzOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 rec Show response
t.inskinad.com/ Frame 5FAE 0
37 B 16ms
16ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:46 GMT
via: 1.1 google

POST
H2 204 rec Show response
t.inskinad.com/ Frame 5FAE 0
37 B 17ms
16ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:46 GMT
via: 1.1 google

GET
H/1.1 200
OK ab Show response
nym1-ib.adnxs-simple.com/ Frame CB91 12 KB
6 KB 298ms
89ms Script
application/javascript 68.67.179.135
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLSDmxSBwAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYDwmjhEOC7YAgDgApjxXOoCXGh0dHBzOi8vd3d3LnVyZHVwb2ludC5jb20vZW4vd29ybGQvcHV0aW4tYmlkZW4tYWdyZWUtc3RhdGUtb2YtcnVzc2lhbi11cy1jb29wZXItMTQyMTAzMy5odG1s8gIRCgZBRFZfSUQSBzQ4MDkwODPyAhIKBkNQR19JRBIIMTY5NzEzNTbyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWQgHNjdl1wDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IEBMIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEpT8ciAUBmAUAoAWxm-j_AaoFJDkwMzBlZTllLTZkYWQtNGQzZi04MzBlLTc0ZGJjYTdmNjA5M8AFAMkFAAAAAAAA8D_SBQkJAAUMdAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEF54ERBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FQQE9BQEQSGdBZ1EdEHBJZ0JBSkFCQUpvQkFnZ0GQBgCYBgCiBg8xMzIzMQn6IDQ0NDS4BgHBBgmlKPA_0AatRNoGFgoQCREZASFFGOAGAeoGOnXNFRg1ODE1MDE0NtkFAR3JFRA5MTQ1OTYdAEDyBgIIAIAHAYgHAKAHAboHDyEGABgpnCy9BkAAyAeEygXSBw01NAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=b351bdf59540cd2dbd2bee67a6b1e51c204a33f2&pp=21.6543

Requested by

Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2625eaf1c9094068eb1d5d0960ff955643bc5c30fbfdc43496bfbf732e1507b3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:46 GMT
Content-Encoding: gzip
X-Creative-ID: 334783641
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 550.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4eab6c30-e582-4807-91fb-175dcfe7948c
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pageskinexpress.gz.js Show response
cdn.inskinad.com/isfe/4.1/js/base/api/ 262 KB
77 KB 8ms
8ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1114322830a99dd819fe176610e785bd29791a754d08cfa792cc1b3100e968be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 08:51:34 GMT
server: AkamaiNetStorage
etag: "a299d177a1c9ffbbe933840054c46ba4:1644310294.302438"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 78950
expires: Tue, 08 Feb 2022 21:40:46 GMT

GET
H2 200 i.gif
mfad.inskinad.com/ Frame 5FAE 43 B
499 B 100ms
100ms Image
image/gif 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mfad.inskinad.com/i.gif?e=eyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MiwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJiciI6MSwiZnEiOjF9&s=94focBo4zgh_uzSV1COWQCu9XiM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1b-i-00bc43a6dd4381098

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1683
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1&C=1

43 B
1014 B

52ms
52ms

Image
image/gif

92.122.254.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWRjbjWNvJLlMHNg9FxvP9X9DPK7UObyCmcUrIrVmNGjla0lTZ2_afnAvvV9DHLmEEnAsP_ZCCAalKzu5TZjpnYa1fj0HeD_PS7xeR5HFhW-9qexsbSzreT9jxAoEUmFxNOoKNb9tlYosiTxSV8YDx3hkd0ihBEhd-VMgOaoyIS1yY_fNQ
Protocol: HTTP/1.1
Server: 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Feb 2022 21:39:46 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1683
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgLjIjzyOZ4dIQ6nWpMPQQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1

43 B
894 B

42ms
41ms

Image
image/gif

92.122.254.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWRjbjWNvJLlMHNg9FxvP9X9DPK7UObyCmcUrIrVmNGjla0lTZ2_afnAvvV9DHLmEEnAsP_ZCCAalKzu5TZjpnYa1fj0HeD_PS7xeR5HFhW-9qexsbSzreT9jxAoEUmFxNOoKNb9tlYosiTxSV8YDx3hkd0ihBEhd-VMgOaoyIS1yY_fNQ
Protocol: HTTP/1.1
Server: 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Feb 2022 21:39:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ2cT_VQmDlyUJBRQtG4Qs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1683
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFgyjLeigPRQIBKaAk5n-sg&google_cver=1

43 B
1006 B

44ms
17ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFgyjLeigPRQIBKaAk5n-sg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWRjbjWNvJLlMHNg9FxvP9X9DPK7UObyCmcUrIrVmNGjla0lTZ2_afnAvvV9DHLmEEnAsP_ZCCAalKzu5TZjpnYa1fj0HeD_PS7xeR5HFhW-9qexsbSzreT9jxAoEUmFxNOoKNb9tlYosiTxSV8YDx3hkd0ihBEhd-VMgOaoyIS1yY_fNQ

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c540851f-1a9b-4c95-9fd1-7ad3a62c1868
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFgyjLeigPRQIBKaAk5n-sg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1683
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2ODA2NzY4MDU0Nzc3NjgzOQ%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2ODA2NzY4MDU0Nzc3NjgzOQ%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6b09be39-473e-4e56-b3a5-2558930c9a4b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2ODA2NzY4MDU0Nzc3NjgzOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 600 KB
132 KB 55ms
8ms Script
text/javascript 2a02:26f0:f7:197::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/102183/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7:197::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8aabf80549012559b7c52e0b26adccccd8c47fc62ed148dac912078ba9cd5be2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: CM1VNJ2VN1QCBYGZ
content-length: 134179
x-amz-id-2: t6oTmWAfFMwffbWLw4JCoChqr5LXQiMEPX9KIn2WQ2TVyn/g7+EuR3ekLMGt11pqS8FIoXL0Unw=
last-modified: Tue, 08 Feb 2022 15:10:25 GMT
etag: "7fd08d8aed46c0ae58a3ad68eeafd30c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 2
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 08 Feb 2022 22:09:46 GMT

GET
DATA 200
OK truncated
/ Frame B9CA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed308d8fc21b8c0143ccba201bb61b6cf3d16d765b5bd01eb6c7e5826c23576

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 727E 0
0 42ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssz0T4oeY39QJbLUVBs6qvDg0bTw90oQpuvqT0od2if6fmCoF_izlRTZ8BCuGfVq_h0sQYKLrpxzPWPI3OjzrMQaJn9sP92TPzqNPBGGRzXF7hMZNyAnDJu3RU3_VeyFgtahCTLJrAJho0tfKS3ucslsQY77NIh0Q8sf7lWlnODww4csg6w-bOzOImDfGS77VKFo9C5HPDfG_YBVJ8dXTEZHbX_SGyMZp0s1YDQ1M3wbzQLaLAXSmk9nkjU6btOa7g9GeEvbnZidBEF8vt4DePA7fOCCMP-q0JH4rScc16KZ2GCf3qbJg6YoAm5Uv9hZSaYkoU&sai=AMfl-YSeyWlIru-CkdBvM5Rrr1Blu3GF4QpqWq7732QkqFIvoX6rA4tepIo3H-h2NH-9-x_VB_Txn-3p4off_rldAbvTy5Rcr9__jXK1-9dAn8ExtE40_k43kpGWoosedT0v&sig=Cg0ArKJSzN_-iE7x_k55EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
DATA 200
OK truncated
/ Frame 532A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2343b4803ee1d1f48388c3d6c8cdef83cdf2cba919b92f190b4acd1ea48f0fc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FC84 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ead6616c7622735009200ed46f529884682aa8abee0ab01fb48aa4d99b1df820

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 base.css
cdn.inskinad.com/isfe/4.1/css/ 9 KB
3 KB 8ms
8ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/isfe/4.1/css/base.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 44388858009cfb0ba580feb459ed8e6d67ea03796ee617fd0e2a8d3c6456f034

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 10:51:35 GMT
server: AkamaiNetStorage
etag: "c29bdfba9d14aee4f74c0afe5c12c039:1633949495.301289"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 2795
expires: Tue, 08 Feb 2022 21:40:46 GMT

POST
H2 204 rec Show response
t.inskinad.com/ Frame 5FAE 0
37 B 17ms
17ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:46 GMT
via: 1.1 google

GET
H2 200 index.html Show response
cdn.inskinad.com/redirect/ Frame 93F7 900 B
638 B 9ms
8ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN572608.468584AMNETGROUP%2FB27050295.324629000%3Bdc_trk_aid%3D516909492%3Bdc_trk_cid%3D164277123%3Bord%3D1644356386228%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D0%3Bgdpr_consent%3D%3Bltd%3D%3F&tracker=true
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "be5f029aae431ed80ad45333a334787f:1481726617"
last-modified: Wed, 14 Dec 2016 14:43:37 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=25065
date: Tue, 08 Feb 2022 21:39:46 GMT
content-length: 446
access-control-allow-origin: *

GET
H2 200 index.html Show response
cdn.inskinad.com/redirect/ Frame 29B8 900 B
638 B 8ms
8ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fsecure.insightexpressai.com%2FadServer%2FadServerESI.aspx%3Fscript%3Dfalse%26bannerID%3D9846909%26rnd%3D1644356386230%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%3A%2F%2Fsecure.insightexpressai.com%2Fadserver%2F1pixel.gif&tracker=true
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "be5f029aae431ed80ad45333a334787f:1481726617"
last-modified: Wed, 14 Dec 2016 14:43:37 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=25065
date: Tue, 08 Feb 2022 21:39:46 GMT
content-length: 446
access-control-allow-origin: *

GET
H2 200 index.html Show response
cdn.inskinad.com/redirect/ Frame 006A 900 B
638 B 8ms
7ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fmfad.inskinad.com%2Fe.gif%3Fe%3DeyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6NDB9%26s%3DyqFo_2CjR38vlI3lIMAbjG6sT10&tracker=true
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "be5f029aae431ed80ad45333a334787f:1481726617"
last-modified: Wed, 14 Dec 2016 14:43:37 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=25065
date: Tue, 08 Feb 2022 21:39:46 GMT
content-length: 446
access-control-allow-origin: *

GET
H2 200 top.html Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame AEBF 1 KB
708 B 8ms
8ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7fbf4b5e7b2663460bdb3a9b7b97fc87aaf3d4c7ce0f786e6762744e2dfb5499

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31874
date: Tue, 08 Feb 2022 21:39:46 GMT
content-length: 512
access-control-allow-origin: *

GET
H2 200 right.html Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame B090 28 KB
8 KB 12ms
7ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 34befe8734b635caf13963620b030761e5c372e064b0a76a4173d68f390b7e05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=32401
date: Tue, 08 Feb 2022 21:39:46 GMT
content-length: 7742
access-control-allow-origin: *

GET
H2 200 bottom.html Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame 7605 929 B
586 B 11ms
8ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5b4a683d307e10da0665a77bcfce1357c9557795fbe0fc3078dacf0223651ecd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=32401
date: Tue, 08 Feb 2022 21:39:46 GMT
content-length: 389
access-control-allow-origin: *

GET
H2 200 left.html Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame 4AE2 57 KB
11 KB 13ms
11ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8e9ff42df1e5ca663a24a7002d7a6ef933168e9bbd8c2f3642f7648b1d695b12

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=32401
date: Tue, 08 Feb 2022 21:39:46 GMT
content-length: 11256
access-control-allow-origin: *

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 60ms
27ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Feb 2022 21:39:46 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7E80 2 KB
1 KB 69ms
35ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruQK5VSkAAxKb4D8OZGruILaEoRiPA&u=%7CKRsYBkgTaOemT8TvUVy8DChR1b0jpsvRmUhzkURNoak%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcX8JuE2Nok2HCYuMm4Kp5oz49sKanr2hO_Anus_7YH6kRHH5_-6Llhj8L2XUSPPbvEDH_dm7Dee0tmNncCrclMwAzbWRGHtVfu_2wv7ChKG6s1yuWHEqkjj7cH9fA7Aftq4KOhSwNp8LHeYLF9VLpLjf2OE2U2B9M6s2Kv_kDzJPujz8m1q49dZB2xaEu3MjszgIci1bb8IRk5aqQ9BuP-jJDNuLKZ_JWY3u3o5hJgsg9OvnAWEfofN7rXqe_7fAZXJGBDW1hEjW8pCjxQy1XSiGe9vdQ_vb-V8Phyjd6ILhhGdCn2ENbbO6PUvvodfLhGe9Cyh29ZAKOfabfx7vOHbw1THC0GcESFaGc3RJ0I6HhGuwwGV80MdXayfBRVdxhHKNm_ILyFPY4WhmGs7EiPcCqarlAoPk8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL7nxIeMCYuTdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSZAk_QM_rQe2YJEy8zC7LWMUe5UOlGfl1eK7JNnZ5dCa48aA0toHCUVzkws1YemD30I2YMB5H9q1ukE-doDnj7O9gX5ne2IUaFqmSdFS45nYpkymz1kFnZ5IYDW0AqifU3Jjnc-w0Kej3Kgs6gV-w0ENCb9ghNk86tT75bqxNTmeC7eJHUf3cNv2_hqmqLrr7jnmUnuHMl2avx4imVDZVdWmrm8x4nG2Zf32S0IghXdvrhSHnEN3f9f5QqTkij-1O4CghNzozzRyVn19Moe53N0XdRysN3d2OsNudYzby9p1DNLDI6pcPDDJKbl3PlrNgmIzzei4MKZtH1nYkTSsvYW_ia6F3CMdLk3o2FPSn0k0Kb6RoZHwB5HI-r4AQBgAbyiKW9q4Lrh8kBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ll8rpT37pb0NMFh_2BhFOd7MRcw%26client%3Dca-pub-2880359506957066%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7E80 2 KB
1 KB 53ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7E80 308 B
636 B 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 7E80 507 B
835 B 36ms
35ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 7E80 43 B
347 B 63ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=RwRluLxCNhrvpdiG9RHWoC4_CIWBIpUKrfLz7N19JPhp81WcjiWaT1-3YKDy4A-PeNIL2limDD-oJqlpBjGSjDhUodaFS_QG4tLTnc44fbKi2i_2Y5rYl-3cd-SJxKRGm4ZY9DPjZAEb7bMC22xrBa23l1e0gk7vgStY0HpfntCxiXThBnA1es8sHAF-hyBnlbPLeaahU-aRv086pKTk72ofMm4ISzNXhNgSVoMdThjEJJGpVPrzP7pbl00uFVINuea6ZQGFnBpVb853Jcd9WnE40ZkkTcwieTwn50EssN2yPVTajBLipdO3jMEhtlpsjBE4ZGvM6OEPc3OPXCejSScod7E78RTps-7-GyNdU3YS-SeUwfSFMAg3P6PdtgAnLwmfZnmfevczpWpHtItl6DVvQ-RQ-2PdgeQhKN9scgGsKHU0DXNk3G03mUwZ4zec5QmBho5PbskX943XeQ7qNZMTPns

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3201927
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK t43ocmuaiycq Show response
hal9000.redintelligence.net/zone/ Frame FFAB 11 KB
4 KB 45ms
13ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/t43ocmuaiycq?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCV8PPIeMCYubdCqSplQfvlLHoBt2t6KhgqNy3x7kK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBNsBT9By3MCBzn0_nwDyrQrMyl8e-FX-ABo02zy35xJMUsTdYr9_63FZ28PAgSXrSehez6xzGRuMUt_1S82I2TVAvGCd17eD03_esO4A0Jts4V5g_58JPErGnzGfyec7xpeptKtPIMZh6kdrKt2jyfJY2Hz_4TIVV8C9COoP83xJsxOhEHZL2yoaWb7TW3gYxCapXJy0NEg6eLgTOpOicqk51DK1KUpT_IQWW26SiuuD7vvS5R204FREpAL7zSxoQB4b6DT8OkYZgs0Zbw55bmg25ZdcL-xwiCu3iks6wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw%26sig%3DAOD64_2VJkTRdFp-W8kyotsKYvWjhkPUBw%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-B5DhX-KtoNaT5obLZASzpeyfvo3kcpUrodxtk9AkBiMdJPlIqDEJNo_xYdwv3x_J_yWFf-szXDONOvM64R9M8XT6RQF5mFh6sAD71fiDS3LcYwVC9NP1QimGZLTq9_OptoECfCinfHJCRhhC_Gsvz2z5XFoQ%26cry%3D1%26dbm_d%3DAKAmf-Bw6Nnm_go5ZTKWCdXHLnqL53K_xzKPm0lUDvUXQVEBkXGfi7lpmWTN4CG3_nYqQid3G_jE7SkAcC3hwu3Ne2sceQXCpHPzWa2xgcTwgs8UZINy7rR0nryNIxbmWPZ1ZBADwoz01mvJezQcyFuaXVr2IK4tankdaWOXUCbHkSWn0SKdACiFix6nj2Ss9wuWiZoJSs2oZfBa0o_eItB-nBguAQkEju7PgaOAqxPSEk9m-JDs9XpVsnjRtOv07KAZxFWuRilvCaobXBlx4PnbIA2wOch5Ymk4QWNetSS3aT0NgAYd2ysMzjWvxUuFTFJq5z5ufHyUDvTFpvdyri19Au4H9X4px3HbVZL7mOIEXfFfb-5UR3c_W1319eLwTvhzAAZSLunTd9nzEX35Rm-L90Fjf4VxGkQrlIN29RarvNBmi5WrONnWsIJtbUmKmBosDRaQyR6po1P98-eWMWBubR8cSYoT7RRDOXMX-3syVwp3xXoNId03W3zs4JCsPOHr5FKuyJdaXou1FdRYnJEYMG3UkCuONQ%26adurl%3D
Requested by: Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5b78540e928cd3df3264bf4a5c03e3f1031ab74596c794bf8a980c305f252dcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:46 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3953
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3DDB 2 KB
1 KB 59ms
36ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruIK5VSkAAxKbxhg6TThnFcUvODZoQ&u=%7CKRsYBkgTaOezqm5Ynu7fIZki9tKU%2FTA3au%2FsaKD7vdk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2BDP94ms9lfiEN1F7qYpgGWWkF9lIHFV4AtrLB0CJGs7B1lIaAAz0gWh_i17wBKCal5W0QPbfNWe7BzOmyAAwwiTRy4LzxjqP_51b9xvuhMob7m7Ooavjsh689u5qy4Cq8oiw3WVYBHvjHckZFcXQss_Gi-Vnnep735aeXMoNuw0FnmrRvWhc-np6Pc1Jw9Z79uvoKjJTs0jUdTjelfbIJdbnmLGwxb3Qu3QHbPwUvt8jr9FlPQWnGb_iNyfatYZ1C-0CvAZnKUaQTU3-hjeyj3c6y_TZk-RjqcJi3TFu403ybRYwULHkEtpebWdVMjAlWK0CrTZdB74BCI_27bDoBKfcPhEYMx2upU01vbvlSmAI78kmxliKfmWZgAsgSbE5aILaD-D4y3rWw2yT0uDQ9Id9rxXrpSmo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9IhYIeMCYuLdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgScAk_Q4oGJy5QGd9iwnXC0QGL5JMLrzTpZrQYjibKLMJJttyVeNA5bRjkWSYvZt5vxhM1srmy5izEzUUyhx5LPFPlLkw3ol6SpFDVdL56DGkbpXyrNjkzk3ycqO5aMWR3d08_O-u6xCFM3X7MZITuW0VNKBfE5e-OB0qIgNrxZkOzTzThNCrjYx4vaMkQyXrKrsM6jBV_XOkr0HU6nOeo77BLIiBudXE0FZkOFbaHTtyXjr2EkIPVJK0c9bLWsG0EPaAeyBBBqMjoCS-FM4CF2_McKSwJneHRt4XpFvkWXfvRDCiuMb1xdNtdDcW9IR1Ak4gvX6Nn_jndLkc6wQ7xNN2niXJRbVM5mpDidYkV1D9fZ8TARawb-iqXSWcsU4AQBgAbyiKW9q4Lrh8kBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dE_izS2duAk1X0pkPwAXEuo1V1g%26client%3Dca-pub-2880359506957066%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3DDB 2 KB
1 KB 38ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3DDB 308 B
636 B 18ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 3DDB 507 B
835 B 17ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 3DDB 43 B
347 B 27ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=qE8g7hBCpaBO4JGp-EeAhlFQgHyzPuP8Kz_mhjx2wkXSGbLVOdVN-F_C1j55qiTwghYRWBByoUmoDAoSms6nPFUDCzZabj0g2PzSfi3ZRLoNECrdbMEGNtCgF3Zv4l3vOEEQ7TJl1w9NaCsRPcKkbFTE5yAanroyRJAVnw5Blm-A3EWn7Mdmk_JTdZ7VtJQ9iUO6uEL5u3uk2_dupUFSK6pqBjN2vl7BzcYAWCKliSWY9Wlk_Ed-HmXI06tJZncMpIZ799HjNTU9nBx2RUrEuir5Io43TE2tQCmgpsJprq-0-3MSglHxeZ3jREwQUQGw-Uojhda8ikO_LUahT_rfp8ZhVJDjmf8NGQRPGoUeMGZ6YZbGHtDrSvuHNqbZ76rgHK3wZfGZgwDdVRANeZTLoBu0sLf-81GKiWap--i2aLwlxeS_plJprI28RxT078sObG_mzmSKqWg4qaf0Jab3pmflXqI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3520345
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 4as54di69f4s Show response
hal9000.redintelligence.net/zone/ Frame 0B4E 11 KB
4 KB 39ms
12ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4as54di69f4s?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2A-yIeMCYuPdCqSplQfvlLHoBt2t6Khgu4_f1IgK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBN8BT9CBSxgQ4NKmt0q_3siPDu1nct7A5dPlG4-MIokEsIVDZ4QlR0OgZmBCBEXlZkwIUDd8ORV5-srN6ZRLAlWUYcpL3EvTgUSpnb1H6a6zLcca4Ae17KB-9Zd4OBDfMgedcsHVsHFrd3EE_tU2ZYNdE-TcdTzhFkYOEK86tPcSbTCSi0NttDSRIQElXS5W_SonuaImuJ1bsuUPlp1i0_Ee1x1Rm8p_8Mge8o_6O2fLTGSfwIr5PuS3Ojf5aDv4egX18sv71ybmhYztZsBKpTjs8UV5h05XAj_JL1VZDtCGFMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw%26sig%3DAOD64_1Zo_mNtXVj1t6oWuM645kgx96CxQ%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-AuTl8iLKu7pS1ME5Tp7OnEIM7a2IcY1uVAmo6DTzcGg6Gjsn-cbLmDz0AFyvW7WeCi3uvxRI3fRg68kLQZmTe3twdbu5esbZoA_9pgJzIcOO4ArvpwQIQXquihsOaIs_mIP4yY7MIwrNOaJFyS2l4aEbtZ3w%26cry%3D1%26dbm_d%3DAKAmf-AxiufkYn11js9qP6mGn9LrZpqUJNKYDMWu9BP8vRXaUN3hFNuj9KbmoHcSL1Y1I-GH-0L6q7o7W5euKe-Ey1QxB-L9nZ1_6C_nq9WbqJqnmfJkXfkoH-tPOLIGNJgVttrzkpc4cCwOMk0hdPQkMLtL2dsFYa6SxEQyatnU3iX0bmoln8XptUoYYnPSlEv2co03m3QvfagrgkBEARuFjp-lZXWXBCNUrXrCwVQ_96204jmEmrWkt2q7YNCFJKbm60aHiDKdmNnCLe0CUiiYXWnY3a0PlQRT83gvt3jvQPPqi5Jo8H9kZUKvr7gj8IGDRDPIpLc17FgJactj8BEgpxKuD3qtFzT-GaAdFCdJRiQKqSCDHVerMWPzNfzk89JMc4a3vPQp4174VrC1B0Pv6Dlu0E9X3CaIFvgBDE1VgTAdswGaf_2xzrdzupVC7n1CHngRqjOspas2OTHlMi4pj4eGo3rvdoMRTjpej0f6asMY1bpQ5dSQwYGSlj4Z9yCL9SUK0CNwCijPXRcoqA9hLK8OOr9t8Q%26adurl%3D
Requested by: Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9f4ba82a4a4ca65677caa46a48aac95329a427cb9e622077e260a9c3ff3a9459

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:46 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3948
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 24CA 22 KB
8 KB 10ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 06:12:44 GMT
expires: Wed, 08 Feb 2023 06:12:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 55622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DD74 2 KB
1 KB 22ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgLjIQACruEK5VSkAAxKbxmdH_mrPOxaQQck4Q&u=%7CKRsYBkgTaOezxU118dZuXmKK4zJ6w70aoQVFYHdpN2Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2BDP94ms9lfiEN1F7qYpgGWWkF9lIHFV4AtrLB0CJGs5YbcuFPUVkC6WaNSvk7UBtCj3hDhD0VZgzCPWv2OfDlKCVEfwSV38N7oombTlC_gwp6MMUH4hTnzMmJLNBsidMynBCgshYGCaGgpYh9JRsxTajEWod4nfHK4dW0aZoBMITQiG6FKY-ZLTlktmDpzzxGc__T_zRLhvepPDBO2ZvddCF3kHSAySCKqhfkWGUrob5YvSV9qa8exzWdSWeK-ZdvjMFH95QF0BnGzCMxKj-eR7QW8OkLfRhDhSjAxmt7a_obevVqNBcfLG8DSB2ttx_CQvAWH9MX1PJSFi25N45m8Zggc5ULZkK2lntQrtEbSQoLU5RDj9Djnv7iJByFsOsolrPzUr9Kd8cHaAmNX0J4Cg6tqPHfBwk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv5HuIeMCYuHdCqSplQfvlLHoBsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjg4MDM1OTUwNjk1NzA2NqAB1bbS6gPIAQmpAtBh1UCcKLM-4AIAqAMBqgSaAk_Q5m0qdgBp4WPpJ8msk7ERbekxS4ONshbiMImPdm_KELeyVmJLrnhb6sTiaYNdDV4y7RiqM9hG0l1smemrNnbgLDJVS1gb4MhTFReDDFkSpv0ED00MvxdvYGhvo_llIfNrnEjXIDhAbO-nDwLWh13rPAl8V4DT8-R30I1Rwno57Hj-A4o6pUHXJDestD2g8CTiMETy6iPbnCyl0YxMVJM0nuAKntl2Qlq6eSJb0TICn_oB8sLeBu5Vp6wr1Whn4lZ1OcLawkwekYiBcUHRDeZD-UBc9cUp4vy_5Wb6HXd9FtOYeN02Yi23rSFBvWiqx_o_QbCcylZp_Zo2btk3PKGaQRD618ShJEZbDEprzIhqtVPOeKaXoxXTcOAEAYAG8oilvauC64fJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uJGsQIJ2Ti0pr-DC6fKTEB-NERw%26client%3Dca-pub-2880359506957066%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DD74 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DD74 308 B
636 B 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame DD74 507 B
835 B 24ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame DD74 43 B
347 B 19ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=m3REfBBCpaBO4JGp-EeAhlFQgHxz6fIqFtr0rq98noIi88lON3Hzn6Wj3SbERW-8HgqOCvKKSFL2ps2ZeJ8UmPGme9hphGx1WXoAU2ib4bjbnbmfYoQscxnkSIStYy89bSEmOUCWr0n8WIRDySqrm_ahzBeK2w36lLgOkL7JfYNyBN80UUr9TWnv9nH2GpMr0oNcHga0RH7aDmi1kcyC6YnnpWzEjrTu3siXW4mq8CelYvxDNFPNUBZVslj-wJdhgCYKOGkvjgk-M8QQ5FFqhPqyqMcKNBRcnZVuu0NOMo9RmUw3KWOBvLXx_xPR7pRBwIV09HcDHzCBDR3LG-jTczPSpqv14ecce1A-jGc3nYurd3-7tLGc1z6VstiqFlrHguI09Hc1kMrL_DaWIq8XtAJWf0Tk3D9PM2ojMbwz3OhhZZYkeKNeOVs91vCdrU9NK51Iaw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3294989
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1B05 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 06:12:44 GMT
expires: Wed, 08 Feb 2023 06:12:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 55622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 track
t.teads.tv/ 23 B
113 B 104ms
42ms Image
image/gif 92.122.254.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=df8f925e-cfcd-4658-b62f-078e2a064558&pageId=102183&pid=110608&debug_metadata=lPkS4NyUAm&fv=963&ts=1644356386373&f=1&referer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.254.4 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 103ms
41ms Image
image/gif 92.122.254.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=df8f925e-cfcd-4658-b62f-078e2a064558&pageId=102183&pid=110608&slot=corner&fv=963&ts=1644356386379&f=1&referer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.254.4 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/102183/ 540 B
578 B 57ms
56ms XHR
application/json 23.209.68.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/102183/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&page=%7B%22id%22%3A102183%2C%22placements%22%3A%5B%7B%22id%22%3A110608%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A523%2C%22height%22%3A294%7D%2C%22slotType%22%3A%22corner%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=df8f925e-cfcd-4658-b62f-078e2a064558&formatVersion=963&env=js-web&netBw=9.9&ttfb=955
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-68-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad022b7360fcdc88ec8c6fdb6763ed1ed1730283f2e43feb5fc3261492ec4f6a

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.urdupoint.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 369
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7E80 12 KB
5 KB 43ms
29ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1259113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLo7EijBIjg4HLyXnOGmwLmxZR0nFa1CfmP0ARYXiysYKsdybhrWZjKdWYM7nQzO%2FJLkG9Uot27Sl7MnzzwC18WDjTZa5bP%2FrZfmiu5S7PHQfGkbbyXteCMeqrKDVZ76YchGeIwdYLlXq8J4fcfYrn3o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6da80337093b6925-FRA
expires: Sun, 29 Jan 2023 21:39:46 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3DDB 12 KB
5 KB 15ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1259113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZ%2BoAbwa%2BZNSLehVne4AA9zL5HAvDl2Xv2KsMy%2B9fFa9nOgy68nCLkkmr2Ox8%2F5HBz2%2FdK2b6lndJSZ%2F2yJPQUDvdP8t%2Bl4TYcI3ZEEPw0RFuapcvvs9w1rLtS9ATcF5gs%2B4I4n%2FYQm9gAxFuYUQvkft"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6da8033739b96925-FRA
expires: Sun, 29 Jan 2023 21:39:46 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7E80 12 KB
6 KB 15ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7E80 13 KB
14 KB 62ms
17ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=16367&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F16367%2F180504%2F66f7cd179beb464e8536ed7411abdbb8_logo.png&v=3&w=356&s=OlL_JliLrZdndETi-INGqrHJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2f09c528b139f219b8de997ea6067be2566ecba06dac254d6e31dbfdf25fa426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30258264
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13794
expires: Wed, 25 Jan 2023 02:44:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7E80 0
127 B 53ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ROXHci7lkg5pidaD9RQpHO4Lwdp6kgFS2ZPRAQHNb4k0Om6XMJF1r54J9YcKTFS2_6obRUvnOiynavodFV8dz5aSx5RQpJDzalb0rQzZOuk03d6dqho83KFZLTazGT-02xb1EOkdjRj71ycYrS34RB6YooAIC7tbzZ8h3496RBD83QJcCInayo4pAhcgSSMJyUMm0D9-Yh2BE26QpRrFUP21MqpSLE6usrauZQeFLLBadDQzgaCPAKQYxY92NMteTRKqAw&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7E80 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7E80 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5FAE 42 B
64 B 55ms
39ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXCTlR646ws5-JjQrDLOd6dbtu2v9Vc-pvaCFApLIHdlxXXozF3kfWvfJC5WMWY9okVGmZjpJcV2DrERLDhAGBuVCx3diCPsjomWGhWCknBLOAwJVK&sig=Cg0ArKJSzMMiWwyh-0FxEAE&id=lidar2&mcvt=1089&p=441,260,442,261&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20220207&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=283783268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644356385170&rpt=208&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90001.redintelligence.net/ Frame 0B4E
Redirect Chain

https://hal90001.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f95149a646&subid=&uid=c2a79c70b775f2c1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90001.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f95149a646&subid=&uid=c2a79c70b775f2c1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

128ms
103ms

Script
application/x-javascript

46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f95149a646&subid=&uid=c2a79c70b775f2c1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2A-yIeMCYuPdCqSplQfvlLHoBt2t6Khgu4_f1IgK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBN8BT9CBSxgQ4NKmt0q_3siPDu1nct7A5dPlG4-MIokEsIVDZ4QlR0OgZmBCBEXlZkwIUDd8ORV5-srN6ZRLAlWUYcpL3EvTgUSpnb1H6a6zLcca4Ae17KB-9Zd4OBDfMgedcsHVsHFrd3EE_tU2ZYNdE-TcdTzhFkYOEK86tPcSbTCSi0NttDSRIQElXS5W_SonuaImuJ1bsuUPlp1i0_Ee1x1Rm8p_8Mge8o_6O2fLTGSfwIr5PuS3Ojf5aDv4egX18sv71ybmhYztZsBKpTjs8UV5h05XAj_JL1VZDtCGFMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw%26sig%3DAOD64_1Zo_mNtXVj1t6oWuM645kgx96CxQ%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-AuTl8iLKu7pS1ME5Tp7OnEIM7a2IcY1uVAmo6DTzcGg6Gjsn-cbLmDz0AFyvW7WeCi3uvxRI3fRg68kLQZmTe3twdbu5esbZoA_9pgJzIcOO4ArvpwQIQXquihsOaIs_mIP4yY7MIwrNOaJFyS2l4aEbtZ3w%26cry%3D1%26dbm_d%3DAKAmf-AxiufkYn11js9qP6mGn9LrZpqUJNKYDMWu9BP8vRXaUN3hFNuj9KbmoHcSL1Y1I-GH-0L6q7o7W5euKe-Ey1QxB-L9nZ1_6C_nq9WbqJqnmfJkXfkoH-tPOLIGNJgVttrzkpc4cCwOMk0hdPQkMLtL2dsFYa6SxEQyatnU3iX0bmoln8XptUoYYnPSlEv2co03m3QvfagrgkBEARuFjp-lZXWXBCNUrXrCwVQ_96204jmEmrWkt2q7YNCFJKbm60aHiDKdmNnCLe0CUiiYXWnY3a0PlQRT83gvt3jvQPPqi5Jo8H9kZUKvr7gj8IGDRDPIpLc17FgJactj8BEgpxKuD3qtFzT-GaAdFCdJRiQKqSCDHVerMWPzNfzk89JMc4a3vPQp4174VrC1B0Pv6Dlu0E9X3CaIFvgBDE1VgTAdswGaf_2xzrdzupVC7n1CHngRqjOspas2OTHlMi4pj4eGo3rvdoMRTjpej0f6asMY1bpQ5dSQwYGSlj4Z9yCL9SUK0CNwCijPXRcoqA9hLK8OOr9t8Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=9312583503684&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: aa02cc5edc159cf7a13ddec604471c311456c10246afbda57935b580e88c28c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 36926100239878200757589011864001
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 714
Expires: Tue, 08 Feb 2022 21:39:46 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f95149a646&subid=&uid=c2a79c70b775f2c1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2A-yIeMCYuPdCqSplQfvlLHoBt2t6Khgu4_f1IgK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBN8BT9CBSxgQ4NKmt0q_3siPDu1nct7A5dPlG4-MIokEsIVDZ4QlR0OgZmBCBEXlZkwIUDd8ORV5-srN6ZRLAlWUYcpL3EvTgUSpnb1H6a6zLcca4Ae17KB-9Zd4OBDfMgedcsHVsHFrd3EE_tU2ZYNdE-TcdTzhFkYOEK86tPcSbTCSi0NttDSRIQElXS5W_SonuaImuJ1bsuUPlp1i0_Ee1x1Rm8p_8Mge8o_6O2fLTGSfwIr5PuS3Ojf5aDv4egX18sv71ybmhYztZsBKpTjs8UV5h05XAj_JL1VZDtCGFMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw%26sig%3DAOD64_1Zo_mNtXVj1t6oWuM645kgx96CxQ%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-AuTl8iLKu7pS1ME5Tp7OnEIM7a2IcY1uVAmo6DTzcGg6Gjsn-cbLmDz0AFyvW7WeCi3uvxRI3fRg68kLQZmTe3twdbu5esbZoA_9pgJzIcOO4ArvpwQIQXquihsOaIs_mIP4yY7MIwrNOaJFyS2l4aEbtZ3w%26cry%3D1%26dbm_d%3DAKAmf-AxiufkYn11js9qP6mGn9LrZpqUJNKYDMWu9BP8vRXaUN3hFNuj9KbmoHcSL1Y1I-GH-0L6q7o7W5euKe-Ey1QxB-L9nZ1_6C_nq9WbqJqnmfJkXfkoH-tPOLIGNJgVttrzkpc4cCwOMk0hdPQkMLtL2dsFYa6SxEQyatnU3iX0bmoln8XptUoYYnPSlEv2co03m3QvfagrgkBEARuFjp-lZXWXBCNUrXrCwVQ_96204jmEmrWkt2q7YNCFJKbm60aHiDKdmNnCLe0CUiiYXWnY3a0PlQRT83gvt3jvQPPqi5Jo8H9kZUKvr7gj8IGDRDPIpLc17FgJactj8BEgpxKuD3qtFzT-GaAdFCdJRiQKqSCDHVerMWPzNfzk89JMc4a3vPQp4174VrC1B0Pv6Dlu0E9X3CaIFvgBDE1VgTAdswGaf_2xzrdzupVC7n1CHngRqjOspas2OTHlMi4pj4eGo3rvdoMRTjpej0f6asMY1bpQ5dSQwYGSlj4Z9yCL9SUK0CNwCijPXRcoqA9hLK8OOr9t8Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=9312583503684&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 08 Feb 2022 21:39:46 +0100

GET
H/1.1

200
OK

request.php Show response
hal90001.redintelligence.net/ Frame FFAB
Redirect Chain

https://hal90001.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=5e63c7c593&subid=&uid=89bc405dce2c6405&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90001.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=5e63c7c593&subid=&uid=89bc405dce2c6405&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

124ms
100ms

Script
application/x-javascript

46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=5e63c7c593&subid=&uid=89bc405dce2c6405&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCV8PPIeMCYubdCqSplQfvlLHoBt2t6KhgqNy3x7kK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBNsBT9By3MCBzn0_nwDyrQrMyl8e-FX-ABo02zy35xJMUsTdYr9_63FZ28PAgSXrSehez6xzGRuMUt_1S82I2TVAvGCd17eD03_esO4A0Jts4V5g_58JPErGnzGfyec7xpeptKtPIMZh6kdrKt2jyfJY2Hz_4TIVV8C9COoP83xJsxOhEHZL2yoaWb7TW3gYxCapXJy0NEg6eLgTOpOicqk51DK1KUpT_IQWW26SiuuD7vvS5R204FREpAL7zSxoQB4b6DT8OkYZgs0Zbw55bmg25ZdcL-xwiCu3iks6wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw%26sig%3DAOD64_2VJkTRdFp-W8kyotsKYvWjhkPUBw%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-B5DhX-KtoNaT5obLZASzpeyfvo3kcpUrodxtk9AkBiMdJPlIqDEJNo_xYdwv3x_J_yWFf-szXDONOvM64R9M8XT6RQF5mFh6sAD71fiDS3LcYwVC9NP1QimGZLTq9_OptoECfCinfHJCRhhC_Gsvz2z5XFoQ%26cry%3D1%26dbm_d%3DAKAmf-Bw6Nnm_go5ZTKWCdXHLnqL53K_xzKPm0lUDvUXQVEBkXGfi7lpmWTN4CG3_nYqQid3G_jE7SkAcC3hwu3Ne2sceQXCpHPzWa2xgcTwgs8UZINy7rR0nryNIxbmWPZ1ZBADwoz01mvJezQcyFuaXVr2IK4tankdaWOXUCbHkSWn0SKdACiFix6nj2Ss9wuWiZoJSs2oZfBa0o_eItB-nBguAQkEju7PgaOAqxPSEk9m-JDs9XpVsnjRtOv07KAZxFWuRilvCaobXBlx4PnbIA2wOch5Ymk4QWNetSS3aT0NgAYd2ysMzjWvxUuFTFJq5z5ufHyUDvTFpvdyri19Au4H9X4px3HbVZL7mOIEXfFfb-5UR3c_W1319eLwTvhzAAZSLunTd9nzEX35Rm-L90Fjf4VxGkQrlIN29RarvNBmi5WrONnWsIJtbUmKmBosDRaQyR6po1P98-eWMWBubR8cSYoT7RRDOXMX-3syVwp3xXoNId03W3zs4JCsPOHr5FKuyJdaXou1FdRYnJEYMG3UkCuONQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=1327006203056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: ca4e3439abe8c8a1cff83120d911425a40b60de876fa1128dc4f147c7007d718

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92041200239878300757585011864001
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 712
Expires: Tue, 08 Feb 2022 21:39:46 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=5e63c7c593&subid=&uid=89bc405dce2c6405&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCV8PPIeMCYubdCqSplQfvlLHoBt2t6KhgqNy3x7kK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBNsBT9By3MCBzn0_nwDyrQrMyl8e-FX-ABo02zy35xJMUsTdYr9_63FZ28PAgSXrSehez6xzGRuMUt_1S82I2TVAvGCd17eD03_esO4A0Jts4V5g_58JPErGnzGfyec7xpeptKtPIMZh6kdrKt2jyfJY2Hz_4TIVV8C9COoP83xJsxOhEHZL2yoaWb7TW3gYxCapXJy0NEg6eLgTOpOicqk51DK1KUpT_IQWW26SiuuD7vvS5R204FREpAL7zSxoQB4b6DT8OkYZgs0Zbw55bmg25ZdcL-xwiCu3iks6wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw%26sig%3DAOD64_2VJkTRdFp-W8kyotsKYvWjhkPUBw%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-B5DhX-KtoNaT5obLZASzpeyfvo3kcpUrodxtk9AkBiMdJPlIqDEJNo_xYdwv3x_J_yWFf-szXDONOvM64R9M8XT6RQF5mFh6sAD71fiDS3LcYwVC9NP1QimGZLTq9_OptoECfCinfHJCRhhC_Gsvz2z5XFoQ%26cry%3D1%26dbm_d%3DAKAmf-Bw6Nnm_go5ZTKWCdXHLnqL53K_xzKPm0lUDvUXQVEBkXGfi7lpmWTN4CG3_nYqQid3G_jE7SkAcC3hwu3Ne2sceQXCpHPzWa2xgcTwgs8UZINy7rR0nryNIxbmWPZ1ZBADwoz01mvJezQcyFuaXVr2IK4tankdaWOXUCbHkSWn0SKdACiFix6nj2Ss9wuWiZoJSs2oZfBa0o_eItB-nBguAQkEju7PgaOAqxPSEk9m-JDs9XpVsnjRtOv07KAZxFWuRilvCaobXBlx4PnbIA2wOch5Ymk4QWNetSS3aT0NgAYd2ysMzjWvxUuFTFJq5z5ufHyUDvTFpvdyri19Au4H9X4px3HbVZL7mOIEXfFfb-5UR3c_W1319eLwTvhzAAZSLunTd9nzEX35Rm-L90Fjf4VxGkQrlIN29RarvNBmi5WrONnWsIJtbUmKmBosDRaQyR6po1P98-eWMWBubR8cSYoT7RRDOXMX-3syVwp3xXoNId03W3zs4JCsPOHr5FKuyJdaXou1FdRYnJEYMG3UkCuONQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=1327006203056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 08 Feb 2022 21:39:46 +0100

GET
H2 200 lib1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame AEBF 194 KB
66 KB 20ms
17ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/lib1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31874
accept-ranges: bytes

GET
H2 200 base.js Show response
cdn.inskinad.com/isfe/creative/1/ Frame AEBF 126 KB
34 KB 18ms
15ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/isfe/creative/1/base.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 09:07:30 GMT
server: AkamaiNetStorage
etag: "09dbbd6a4c0cbed4bc0c34ed5a3fe2f9:1643706450.53447"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 34811
expires: Tue, 08 Feb 2022 21:40:46 GMT

GET
H2 200 global1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/ Frame AEBF 1 KB
872 B 10ms
6ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/global1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4a08ace2d5330f88a46e55ea98a6d4d801136f2dd35063819a64e8a875f65cff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 665

GET
H2 200 global1643031061973.css
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame AEBF 443 B
619 B 10ms
7ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/global1643031061973.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dad2878fa9be3e172ba33fc64ad389b647206e5d71fca395c7079eddd2683658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 443

GET
H2 200 top1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/ Frame AEBF 907 B
738 B 15ms
12ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/top1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5aa49bce883123ecfa0b34ebf395b38ef8cf7ab8844bcd762fe2d887d05c4720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 531

GET
H2 200 top1643031061973.css
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame AEBF 553 B
729 B 10ms
8ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top1643031061973.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6e7a37038388f606333739f5d2482651dbec91688a54e6cd55c381a99c7c4d5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 553

GET
H2 200 ISMvideoPlayer2.3.min.js Show response
cdn.inskinad.com/CreativeAssets/CREATIVE-MS/VideoPlayer/ Frame AEBF 8 KB
3 KB 15ms
12ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeAssets/CREATIVE-MS/VideoPlayer/ISMvideoPlayer2.3.min.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 895367f03db7ad24fbfe47a16c86a9f9283e89d190a4b50a2891459c2d56c1d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 14:01:37 GMT
server: AkamaiNetStorage
etag: "4066d7e441410abc03de9e8bcdad5f6a:1597327297.917181"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=28628
accept-ranges: bytes
content-length: 2862

GET
H2 200 video-js.css
cdn.inskinad.com/CreativeStore/_libs/videojs/ Frame AEBF 14 KB
3 KB 14ms
11ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/_libs/videojs/video-js.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d7038510d6fe60ce2ff91858446b6bd71c8231d259398ada83ba34b1c746fa07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2018 12:53:19 GMT
server: AkamaiNetStorage
etag: "4452c4a923208a33bc138b5e712b72ff:1517921599"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=28663
accept-ranges: bytes
content-length: 3028

GET
H2 200 video.min.js Show response
cdn.inskinad.com/CreativeStore/_libs/videojs/ Frame AEBF 87 KB
21 KB 19ms
17ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/_libs/videojs/video.min.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dddab1cef69de46d78988ba17036d940946b2a3c89a1042479e5be99cd720ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2018 12:53:19 GMT
server: AkamaiNetStorage
etag: "e28b9cde8af2020bb67e221b6313ec84:1517921600"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 21412

GET
H2 200 top-bg.jpg
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame AEBF 5 KB
5 KB 11ms
10ms Image
image/jpeg 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/top-bg.jpg
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cc8db29e0dc2feb070390f3ef287e81a34cd68b99eb5cfed70f0fbafa44caa13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 5272

GET
H2 200 top-hover.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame AEBF 49 KB
49 KB 11ms
11ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/top-hover.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6b6707abac284dbd94ceb66111e9cff7e80ef0369d4847f45c12842182245510

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31875
accept-ranges: bytes
content-length: 49692

GET
H2 200 top-logo.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame AEBF 2 KB
2 KB 8ms
6ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/top-logo.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ae104e978ce1199491a3aa09a96a5d67f93acda03b609d703a814d8dc9810a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1930

GET
H2 200 top-copy.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame AEBF 2 KB
2 KB 9ms
6ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/top-copy.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cd96accdcaff5520704020c59d437723a3290aeccbed425539ddcd2925d033c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1741

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3DDB 12 KB
6 KB 16ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 13 KB
13 KB 62ms
62ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=16367&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F16367%2F180504%2Fe0e5f3503e964af79756b9eb94abc973_white.png&v=3&w=596&s=Bf2IPL3OwcIHu24WFMI4sef9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

dfeba11d52310a426ca6c2048f4e146608ddd0d2d404974329ef1ff4d17966aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28918089
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12853
expires: Mon, 09 Jan 2023 14:27:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 18 KB
18 KB 31ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.s3.amazonaws.com%2Fchannable-images%2Fabsolventa-new%2F167.jpg&v=3&w=400&s=UPqY4GvEEwDj7HJB0fIshFGd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4d7cb6befbc94ef68864ea0fd38e137942b2bb646c9861684558d478407ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17934
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 13 KB
13 KB 53ms
52ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.imgix.net%2Faccounts%2Flogos%2F434%2Foriginal_1568290365.svg%3Fw%3D300%26h%3D300%26fit%3Dfill%26fill%3Dsolid%26fill-color%3Dffffff&v=3&w=400&s=NrDdDsMixgan0tp5B5AXVmtu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

59da3d2ad9aa7d940a1c6033d47a4203c494aff0c69c74bb53f59538a09b3099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29290959
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12923
expires: Fri, 13 Jan 2023 22:02:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 22 KB
22 KB 53ms
52ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

679ea5a4c46ca49574a63bcda942903fb4f400b2239a4f46b4f69925e82df393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 22502
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 24 KB
24 KB 53ms
52ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a173e2f99269f8823f81e80d8cf158ed683e6dd37d20a72b0de7a48c5a04158b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24356
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 13 KB
13 KB 67ms
65ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e69e7abf38c9d3fef1b1b82c9de451f5dd004e6414278be2af0b7288feb18ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13546
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 6 KB
6 KB 69ms
67ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.imgix.net%2Faccounts%2Flogos%2F19888%2Foriginal_1630490052.png%3Fw%3D300%26h%3D300%26fit%3Dfill%26fill%3Dsolid%26fill-color%3Dffffff&v=3&w=400&s=Yub1FXgjUT0_Czl4Qlfng5T5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f77e6c8cee7a44ad2a6a78a04e6578160f1c6a40f96ddce2845d1dc5dbd77ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29935447
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6338
expires: Sat, 21 Jan 2023 09:03:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 14 KB
15 KB 70ms
69ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1ddf54555ab2c83e5e5df79154ea339ba83672c93eaff5e2ac4d00b8dd058336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14648
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 8 KB
8 KB 78ms
76ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.imgix.net%2Faccounts%2Flogos%2F152%2Foriginal_1547035952.svg%3Fw%3D300%26h%3D300%26fit%3Dfill%26fill%3Dsolid%26fill-color%3Dffffff&v=3&w=400&s=jTFYh1w-jcVH1gwXSQJcLCt-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b27ef300382a68609c6b6a866f8f72258965f172960640e8a71c1dd4102b44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31388368
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7994
expires: Tue, 07 Feb 2023 04:39:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 19 KB
19 KB 84ms
83ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

54a153923bfe25e7c0c8dce6d594f502e7861c52e239b731ad04a937da40da2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19102
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 16 KB
17 KB 75ms
74ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f087d94dd25b0ac7ecae0dcd31d26a79c6b6145a01ad414e64068894d4cd5b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16748
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 11 KB
12 KB 78ms
77ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.imgix.net%2Faccounts%2Flogos%2F397586%2Foriginal_1634131727.png%3Fw%3D300%26h%3D300%26fit%3Dfill%26fill%3Dsolid%26fill-color%3Dffffff&v=3&w=400&s=e4PAy4bhXhg9oFZgUxCd5MIE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7d35412230df84d445ffa85b8df8ee6efb70e34520f995379c06a4d337a04f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29693883
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11646
expires: Wed, 18 Jan 2023 13:57:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 18 KB
18 KB 86ms
85ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bc7ea5b6fae135415ac8a4b61769d27796aa16d033b6bb4fa5b6b6404240f513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17948
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 21 KB
21 KB 81ms
80ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

41b4822cba86a03bfb7f94dcdb9e13f66d7ceb7e9d7fe5d7f35915ae89ba76a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 21134
expires: Fri, 03 Feb 2023 21:39:46 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3DDB 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=vLKaui7lkg5pidaDM-EAKcdWKP4QwCA3bwdywMe2tz2W5J0lIpf3hBJj1Iw2E0oYHjJrPQZsis7RuHo_zxVnQWyEoahsWYD_4DmNLbZEW39hdUYr8K3P02tsHarDqfHRCTSsvUn4UC1zrI-ZQf00uwBLjVD79ZgFVeLfbvzWGUsXSHPc6fcf28qMIisV8rhK9X4xeVdSfVU7WYbWz5tPzrGUy26zszu3kDaxGl8Y0SL_ApjAtZirBke60nq5RwTaky7ZHQ&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3DDB 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3DDB 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 41ms
40ms Image
image/gif 92.122.254.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=110608&pageId=102183&auctid=df8f925e-cfcd-4658-b62f-078e2a064558&vid=00000000-0000-0000-0000-000000000001&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&p=Y0DsMtaWI7i0iQg58yDBk_OS&cts=1644356386416&cs=612912239942989116605&fv=963&ts=1644356386530&referer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.254.4 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 lib1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame B090 194 KB
66 KB 19ms
19ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/lib1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31874
accept-ranges: bytes

GET
H2 200 base.js Show response
cdn.inskinad.com/isfe/creative/1/ Frame B090 126 KB
34 KB 17ms
16ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/isfe/creative/1/base.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 09:07:30 GMT
server: AkamaiNetStorage
etag: "09dbbd6a4c0cbed4bc0c34ed5a3fe2f9:1643706450.53447"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 34811
expires: Tue, 08 Feb 2022 21:40:46 GMT

GET
H2 200 global1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/ Frame B090 1 KB
872 B 10ms
9ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/global1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4a08ace2d5330f88a46e55ea98a6d4d801136f2dd35063819a64e8a875f65cff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 665

GET
H2 200 global1643031061973.css
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame B090 443 B
619 B 9ms
8ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/global1643031061973.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dad2878fa9be3e172ba33fc64ad389b647206e5d71fca395c7079eddd2683658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 443

GET
H2 200 right1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/ Frame B090 2 KB
760 B 12ms
11ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/right1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 201a13b62ff5bb978ec95729de4b543d90abb1b170abb4eb959031d5704dc330

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 553

GET
H2 200 right1643031061973.css
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame B090 612 B
787 B 9ms
8ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right1643031061973.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 29c46aad13f12a8e2e825e90125bb9da573ee40bcbe8df6c6012f7716c472899

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 612

GET
H2 200 right-bg.jpg
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 28 KB
29 KB 9ms
8ms Image
image/jpeg 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/right-bg.jpg
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf8ba0b970ef455aafb3de0d80471b130696ac14cc1b0c7fe426656e00a39a1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 29050

GET
H2 200 right-bg-footer.jpg
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 171 KB
172 KB 9ms
7ms Image
image/jpeg 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/right-bg-footer.jpg
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b7d6de2ad6639408c714b9a4e8dd4791854906beab0329fef2df94661e67fb14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 175274

GET
H2 200 right-image.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 25 KB
25 KB 14ms
11ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/right-image.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 656fb640ff915cd53da0543a28352288bb5c94b6da8005ad2c5ab27bd20d8ea4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 25844

GET
H2 200 cta.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 3 KB
3 KB 14ms
11ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/cta.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d6604d09cecfa8255dbf5406ddc20c24bb740b06fa45bac102eedc88f5262923

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 2847

GET
H2 200 small-copy.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 1 KB
2 KB 15ms
11ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/small-copy.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dd92368aaf473b2dd2aa6f40fb7778a176018eab93b8e5b378f811e5cac68d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1438

GET
H2 200 right-bg-scroll.jpg
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 112 KB
112 KB 15ms
11ms Image
image/jpeg 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/right-bg-scroll.jpg
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7d91076c13fda13c5c0c10ca7d6ea2f1cd1156cf9a2b8ce3b70ea103a6cc4d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 114674

GET
H2 200 scroll-logo.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 2 KB
2 KB 16ms
13ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/scroll-logo.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ae104e978ce1199491a3aa09a96a5d67f93acda03b609d703a814d8dc9810a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1930

GET
H2 200 right-image2.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 23 KB
23 KB 16ms
14ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/right-image2.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bea54f8f266fc4b380f73cff7c96a4aaef21f8c47beb8de51f37b3f2af756471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 23288

GET
H2 200 right-image3.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 25 KB
25 KB 17ms
15ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/right-image3.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e0b55e1720dd17be06fa18f7f658f0ba5072a5c7ca5f7860c45da19e347825b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 25575

GET
H2 200 lib1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame 7605 194 KB
66 KB 22ms
21ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/lib1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31874
accept-ranges: bytes

GET
H2 200 base.js Show response
cdn.inskinad.com/isfe/creative/1/ Frame 7605 126 KB
34 KB 20ms
19ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/isfe/creative/1/base.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 09:07:30 GMT
server: AkamaiNetStorage
etag: "09dbbd6a4c0cbed4bc0c34ed5a3fe2f9:1643706450.53447"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 34811
expires: Tue, 08 Feb 2022 21:40:46 GMT

GET
H2 200 global1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/ Frame 7605 1 KB
872 B 13ms
12ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/global1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4a08ace2d5330f88a46e55ea98a6d4d801136f2dd35063819a64e8a875f65cff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 665

GET
H2 200 global1643031061973.css
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame 7605 443 B
619 B 11ms
10ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/global1643031061973.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dad2878fa9be3e172ba33fc64ad389b647206e5d71fca395c7079eddd2683658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 443

GET
H2 200 bottom1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/ Frame 7605 51 B
237 B 12ms
11ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/bottom1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8cbc0db8eb2b1b5ed89444964300b413c4c9bd1a01cd51bb04a2c44b6bf77639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31875
accept-ranges: bytes
content-length: 51

GET
H2 200 bottom1643031061973.css
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame 7605 218 B
393 B 13ms
12ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom1643031061973.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c94b2dc513022d0afc31167049d4da5d0c3a18e772ece08a1ce68cde3e99c732

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 218

GET
H2 200 footer-bg.jpg
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 7605 5 KB
5 KB 10ms
9ms Image
image/jpeg 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/footer-bg.jpg
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9d5c9b354dacc235f679de0cf26058aae70b5f530633b34567d4d2291d314b26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 4714

GET
H2 200 footer-hover.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 7605 24 KB
24 KB 17ms
16ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/footer-hover.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 389659b9fc558a5f9be2b7624d176d6df0c0b62d005a8200bbf565271f88842c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/bottom.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1801&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 24687

GET
H2 200 lib1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame 4AE2 194 KB
66 KB 24ms
24ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/lib1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31874
accept-ranges: bytes

GET
H2 200 base.js Show response
cdn.inskinad.com/isfe/creative/1/ Frame 4AE2 126 KB
34 KB 22ms
21ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/isfe/creative/1/base.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 09:07:30 GMT
server: AkamaiNetStorage
etag: "09dbbd6a4c0cbed4bc0c34ed5a3fe2f9:1643706450.53447"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 34811
expires: Tue, 08 Feb 2022 21:40:46 GMT

GET
H2 200 global1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/ Frame 4AE2 1 KB
872 B 17ms
17ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/global1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4a08ace2d5330f88a46e55ea98a6d4d801136f2dd35063819a64e8a875f65cff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 665

GET
H2 200 global1643031061973.css
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame 4AE2 443 B
619 B 13ms
13ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/global1643031061973.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dad2878fa9be3e172ba33fc64ad389b647206e5d71fca395c7079eddd2683658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 443

GET
H2 200 left1643031061973.js Show response
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/ Frame 4AE2 2 KB
756 B 18ms
18ms Script
application/x-javascript 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/js/left1643031061973.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6daa4db0e81c38ce3cd9efb50c7692175c06f4f2c335c538a63ade407ebded29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31875
accept-ranges: bytes
content-length: 549

GET
H2 200 left1643031061973.css
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/ Frame 4AE2 880 B
510 B 18ms
17ms Stylesheet
text/css 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left1643031061973.css
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 900d8d8fa420cbf77fcbd6300a9545e0118ea8a1b64677892ca65c1fc626e10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 314

GET
H2 200 left-bg.jpg
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 40 KB
40 KB 10ms
10ms Image
image/jpeg 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/left-bg.jpg
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9a5136d1bfad5f3fcdaff24912a535dc34c37844c59e00988bd2207c72fdbe43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 40497

GET
H2 200 left-footer.jpg
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 125 KB
125 KB 15ms
14ms Image
image/jpeg 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/left-footer.jpg
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 94229996bcb9ea3bfc091efb91ed6b539166a5588413a0b66a595124e3dda14f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 127910

GET
H2 200 left-image.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 21 KB
21 KB 13ms
12ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/left-image.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c40a44a19df53213ec78535f5c40a322fe6625cb9590ea8d4ec39d2f898f54b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 21352

GET
H2 200 cta.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 3 KB
3 KB 14ms
13ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/cta.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d6604d09cecfa8255dbf5406ddc20c24bb740b06fa45bac102eedc88f5262923

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 2847

GET
H2 200 small-copy.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 1 KB
2 KB 14ms
13ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/small-copy.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dd92368aaf473b2dd2aa6f40fb7778a176018eab93b8e5b378f811e5cac68d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1438

GET
H2 200 left-bg-scroll.jpg
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 132 KB
133 KB 15ms
14ms Image
image/jpeg 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/left-bg-scroll.jpg
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 82b09807856832a612a1cd8f14937acf467fed226eea813f7ac4fc212e75bd6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 135542

GET
H2 200 scroll-logo.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 2 KB
2 KB 21ms
21ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/scroll-logo.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ae104e978ce1199491a3aa09a96a5d67f93acda03b609d703a814d8dc9810a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1930

GET
H2 200 left-image2.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 28 KB
28 KB 22ms
21ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/left-image2.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 350c267c41d95f4bf8a29ec1e7e4db6ec3b59718a53b6c2f1c38aa72ad389064

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31875
accept-ranges: bytes
content-length: 28347

GET
H2 200 left-copy2-small.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 5 KB
6 KB 22ms
21ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/left-copy2-small.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5b241fa53e03b0d4457a489dd31d8a9ef5270a622074f8380d4efabfe530fc17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31875
accept-ranges: bytes
content-length: 5595

GET
H2 200 left-copy3-small.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 6 KB
6 KB 22ms
22ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/left-copy3-small.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1e0f54c513780714962137c641f4c1021a3115f8019b64925fe877d99006a971

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 5667

GET
H2 200 left-image3.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 21 KB
21 KB 24ms
23ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/left-image3.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 513140a723846aa57aff6195f00e513042eed348c059805ad41acc8041eeabaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 21709

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DD74 12 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1259113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y37TP4gpu5vYpY2BcTRKl0pU4ldhDk0ZIkN2vuzaLg83nlhvr4Pia8VVCo1uebmmN0XcGfwfS7bKkUqC7wZLwS3w%2BEq%2Bzy2ES7gbGVUKWz8xJFD2%2BsBM4hsnq0YFWzHzuq9YDllhQ3ad0%2FNI1rJJ%2BHE9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6da80337eaff6925-FRA
expires: Sun, 29 Jan 2023 21:39:46 GMT

GET
H2 200 ados.js Show response
mfad.inskinad.com/ Frame CB91 37 KB
10 KB 101ms
93ms Script
application/javascript 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mfad.inskinad.com/ados.js
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:49:54 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61fa53c2-9238"
content-type: application/javascript

GET
H/1.1 200
OK px Show response
secure.adnxs.com/ Frame 696E 0
990 B 53ms
20ms Document
application/javascript 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/px?id=1476479&seg=26386575&t=1

Requested by

Host: nym1-ib.adnxs-simple.com
URL: https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLSDmxSBwAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYDwmjhEOC7YAgDgApjxXOoCXGh0dHBzOi8vd3d3LnVyZHVwb2ludC5jb20vZW4vd29ybGQvcHV0aW4tYmlkZW4tYWdyZWUtc3RhdGUtb2YtcnVzc2lhbi11cy1jb29wZXItMTQyMTAzMy5odG1s8gIRCgZBRFZfSUQSBzQ4MDkwODPyAhIKBkNQR19JRBIIMTY5NzEzNTbyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWQgHNjdl1wDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IEBMIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEpT8ciAUBmAUAoAWxm-j_AaoFJDkwMzBlZTllLTZkYWQtNGQzZi04MzBlLTc0ZGJjYTdmNjA5M8AFAMkFAAAAAAAA8D_SBQkJAAUMdAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEF54ERBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FQQE9BQEQSGdBZ1EdEHBJZ0JBSkFCQUpvQkFnZ0GQBgCYBgCiBg8xMzIzMQn6IDQ0NDS4BgHBBgmlKPA_0AatRNoGFgoQCREZASFFGOAGAeoGOnXNFRg1ODE1MDE0NtkFAR3JFRA5MTQ1OTYdAEDyBgIIAIAHAYgHAKAHAboHDyEGABgpnCy9BkAAyAeEygXSBw01NAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=b351bdf59540cd2dbd2bee67a6b1e51c204a33f2&pp=21.6543

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

Server: nginx/1.17.9
Date: Tue, 08 Feb 2022 21:39:46 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
AN-X-Request-Uuid: 0c9717c2-24e2-496d-8878-c7956c78a576
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H2 204 i
t.illuma-tech.com/ Frame A96B 0
0 130ms
58ms Document
text/plain 34.248.224.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.illuma-tech.com/i?adv_id=4809083&auction_id=7009655512589407225&cpg_id=16971356&cp_id=0&referer_url_enc=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tag_id=22777846&creative_id=334783641&bid_price=160.50417&price_paid=26.478723&gdpr_applies=1&gpdr_consent_string=&use_cookies=0
Requested by: Host: nym1-ib.adnxs-simple.com
URL: https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLSDmxSBwAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYDwmjhEOC7YAgDgApjxXOoCXGh0dHBzOi8vd3d3LnVyZHVwb2ludC5jb20vZW4vd29ybGQvcHV0aW4tYmlkZW4tYWdyZWUtc3RhdGUtb2YtcnVzc2lhbi11cy1jb29wZXItMTQyMTAzMy5odG1s8gIRCgZBRFZfSUQSBzQ4MDkwODPyAhIKBkNQR19JRBIIMTY5NzEzNTbyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWQgHNjdl1wDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IEBMIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEpT8ciAUBmAUAoAWxm-j_AaoFJDkwMzBlZTllLTZkYWQtNGQzZi04MzBlLTc0ZGJjYTdmNjA5M8AFAMkFAAAAAAAA8D_SBQkJAAUMdAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEF54ERBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FQQE9BQEQSGdBZ1EdEHBJZ0JBSkFCQUpvQkFnZ0GQBgCYBgCiBg8xMzIzMQn6IDQ0NDS4BgHBBgmlKPA_0AatRNoGFgoQCREZASFFGOAGAeoGOnXNFRg1ODE1MDE0NtkFAR3JFRA5MTQ1OTYdAEDyBgIIAIAHAYgHAKAHAboHDyEGABgpnCy9BkAAyAeEygXSBw01NAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=b351bdf59540cd2dbd2bee67a6b1e51c204a33f2&pp=21.6543
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.224.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-224-58.eu-west-1.compute.amazonaws.com
Software: uvicorn /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
server: uvicorn

GET
H/1.1 200
OK rd_log Show response
nym1-ib.adnxs-simple.com/ Frame CB91 0
657 B 108ms
104ms Script
text/html 68.67.179.135
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLSDmxSBwAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYDwmjhEOC7YAgDgApjxXOoCXGh0dHBzOi8vd3d3LnVyZHVwb2ludC5jb20vZW4vd29ybGQvcHV0aW4tYmlkZW4tYWdyZWUtc3RhdGUtb2YtcnVzc2lhbi11cy1jb29wZXItMTQyMTAzMy5odG1s8gIRCgZBRFZfSUQSBzQ4MDkwODPyAhIKBkNQR19JRBIIMTY5NzEzNTbyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWQgHNjdl1wDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IEBMIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEpT8ciAUBmAUAoAWxm-j_AaoFJDkwMzBlZTllLTZkYWQtNGQzZi04MzBlLTc0ZGJjYTdmNjA5M8AFAMkFAAAAAAAA8D_SBQkJAAUMdAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEF54ERBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FQQE9BQEQSGdBZ1EdEHBJZ0JBSkFCQUpvQkFnZ0GQBgCYBgCiBg8xMzIzMQn6IDQ0NDS4BgHBBgmlKPA_0AatRNoGFgoQCREZASFFGOAGAeoGOnXNFRg1ODE1MDE0NtkFAR3JFRA5MTQ1OTYdAEDyBgIIAIAHAYgHAKAHAboHDyEGABgpnCy9BkAAyAeEygXSBw01NAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=aa0c07f2754cb51c8e084aaca0a95d7c35993fcb&bdref=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html,https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 550.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 767929ea-a8f3-4503-9794-a6ee78632e36
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK it
nym1-ib.adnxs-simple.com/ Frame CB91 0
657 B 205ms
96ms Image
text/html 68.67.179.135
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs-simple.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLLDGxLBgAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYD0XgE4RDgu2AIA4AKY8VzqAlxodHRwczovL3d3dy51cmR1cG9pbnQuY29tL2VuL3dvcmxkL3B1dGluLWJpZGVuLWFncmVlLXN0YXRlLW9mLXJ1c3NpYW4tdXMtY29vcGVyLTE0MjEwMzMuaHRtbIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEmcnRnwGIBQGYBQCgBf___________wGqBSQ5MDMwZWU5ZS02ZGFkLTRkM2YtODMwZS03NGRiY2E3ZjYwOTPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEFBddhBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FKa4BARRIZ0FnUUUBCgkBdElnQkFKQUJBSm9CQWdnQZAGAJgGAKIGDzEzMjMxIwX6JDQ0NDS4BgHBBgAFASjwP9AGrUTaBhYKEAUQHQEoEAAYAOAGAeoGOnWtDhg1ODE1MDE0NtIEAR2pDhA5MTQ1OTYdAETyBgIIAIAHAYgHAKAHAboHDwgFV0QgADAAOL0GQADIB4TKBdIHDQkReAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=9801629389af1974885ad1e37ecdefa3218dfebd

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 550.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: cd60ca30-2d0e-4f49-a579-ea0367d4e02d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/222/ Frame CB91 85 KB
29 KB 93ms
21ms Script
application/x-javascript 92.122.253.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/222/trk.js
Requested by: Host: nym1-ib.adnxs-simple.com
URL: https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLSDmxSBwAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYDwmjhEOC7YAgDgApjxXOoCXGh0dHBzOi8vd3d3LnVyZHVwb2ludC5jb20vZW4vd29ybGQvcHV0aW4tYmlkZW4tYWdyZWUtc3RhdGUtb2YtcnVzc2lhbi11cy1jb29wZXItMTQyMTAzMy5odG1s8gIRCgZBRFZfSUQSBzQ4MDkwODPyAhIKBkNQR19JRBIIMTY5NzEzNTbyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWQgHNjdl1wDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IEBMIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEpT8ciAUBmAUAoAWxm-j_AaoFJDkwMzBlZTllLTZkYWQtNGQzZi04MzBlLTc0ZGJjYTdmNjA5M8AFAMkFAAAAAAAA8D_SBQkJAAUMdAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEF54ERBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FQQE9BQEQSGdBZ1EdEHBJZ0JBSkFCQUpvQkFnZ0GQBgCYBgCiBg8xMzIzMQn6IDQ0NDS4BgHBBgmlKPA_0AatRNoGFgoQCREZASFFGOAGAeoGOnXNFRg1ODE1MDE0NtkFAR3JFRA5MTQ1OTYdAEDyBgIIAIAHAYgHAKAHAboHDyEGABgpnCy9BkAAyAeEygXSBw01NAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=b351bdf59540cd2dbd2bee67a6b1e51c204a33f2&pp=21.6543
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.253.36 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-253-36.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 10:40:55 GMT
Server: AkamaiNetStorage
ETag: "27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29209
Expires: Wed, 08 Feb 2023 21:39:46 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5D31 13 KB
5 KB 56ms
19ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.urdupoint.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1823
date: Tue, 08 Feb 2022 21:39:45 GMT
content-length: 5182
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 79ms
39ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Feb 2022 21:39:46 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DD74 12 KB
6 KB 18ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 24 KB
24 KB 17ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a173e2f99269f8823f81e80d8cf158ed683e6dd37d20a72b0de7a48c5a04158b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24356
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 13 KB
13 KB 18ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

59da3d2ad9aa7d940a1c6033d47a4203c494aff0c69c74bb53f59538a09b3099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29290959
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12923
expires: Fri, 13 Jan 2023 22:02:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 8 KB
8 KB 19ms
17ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b27ef300382a68609c6b6a866f8f72258965f172960640e8a71c1dd4102b44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31388368
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7994
expires: Tue, 07 Feb 2023 04:39:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 18 KB
18 KB 27ms
25ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4d7cb6befbc94ef68864ea0fd38e137942b2bb646c9861684558d478407ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17934
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 16 KB
17 KB 19ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f087d94dd25b0ac7ecae0dcd31d26a79c6b6145a01ad414e64068894d4cd5b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16748
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 11 KB
12 KB 25ms
23ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7d35412230df84d445ffa85b8df8ee6efb70e34520f995379c06a4d337a04f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29693883
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11646
expires: Wed, 18 Jan 2023 13:57:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 19 KB
19 KB 20ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

54a153923bfe25e7c0c8dce6d594f502e7861c52e239b731ad04a937da40da2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19102
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 18 KB
18 KB 21ms
20ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bc7ea5b6fae135415ac8a4b61769d27796aa16d033b6bb4fa5b6b6404240f513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17948
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 13 KB
13 KB 24ms
23ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e69e7abf38c9d3fef1b1b82c9de451f5dd004e6414278be2af0b7288feb18ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13546
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 6 KB
6 KB 18ms
17ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f77e6c8cee7a44ad2a6a78a04e6578160f1c6a40f96ddce2845d1dc5dbd77ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29935447
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6338
expires: Sat, 21 Jan 2023 09:03:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 14 KB
15 KB 22ms
21ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1ddf54555ab2c83e5e5df79154ea339ba83672c93eaff5e2ac4d00b8dd058336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14648
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 21 KB
21 KB 22ms
22ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

41b4822cba86a03bfb7f94dcdb9e13f66d7ceb7e9d7fe5d7f35915ae89ba76a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 21134
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 17 KB
17 KB 26ms
25ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=16367&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F16367%2F180504%2F66f7cd179beb464e8536ed7411abdbb8_logo.png&v=3&w=596&s=XwUuSakPSc2yEQMfBuNKDjR_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4140185024faab0c3351923fe7b2da5001f7554ce5103fde7a7c54d365012a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30258264
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16900
expires: Wed, 25 Jan 2023 02:44:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 12 KB
12 KB 25ms
24ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

955d3643ea9f78c9ea06601f5248b2132c92cda7a1166361f65948b95ac23fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12108
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 11 KB
12 KB 22ms
21ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

70889e26dd24c5dcc34a98561f1d14bc5060fbbe6130589289cbdc5a9a3a31c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11668
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 3 KB
3 KB 30ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.imgix.net%2Fcompanies%2Flogos%2F1295735%2Foriginal_1638886987.png%3Fw%3D300%26h%3D300%26fit%3Dfill%26fill%3Dsolid%26fill-color%3Dffffff&v=3&w=400&s=dvePrIqdogCii5gwWs22MPWb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6c48357ee9b284abcd0de98bae4f5997cdf57435f78b3945e8e7cda409c5fb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31490168
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2918
expires: Wed, 08 Feb 2023 08:55:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 14 KB
14 KB 26ms
25ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

38169b6318a08654cac4149d9acc72d6726a6a5e55509810fad19da8423db6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14404
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 5 KB
5 KB 28ms
27ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.imgix.net%2Fcompanies%2Flogos%2F1402843%2Foriginal_1638190709.png%3Fw%3D300%26h%3D300%26fit%3Dfill%26fill%3Dsolid%26fill-color%3Dffffff&v=3&w=400&s=sLUJJ0V0VWzo7_xY-wgngwmW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4bf8f0be6b9b4a9cd029f0c30a651690ea007ad1b44745e7a5b2d6904ffa5372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30889503
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4650
expires: Wed, 01 Feb 2023 10:04:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 8 KB
9 KB 27ms
26ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.imgix.net%2Fcompanies%2Flogos%2F1407088%2Foriginal_1641818428.png%3Fw%3D300%26h%3D300%26fit%3Dfill%26fill%3Dsolid%26fill-color%3Dffffff&v=3&w=400&s=LBJNw2fvF2C5asKqEzQlEFYt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e6b46dcf62136665c0c87d34baa87a37ff3a1138435a88af95082cb7a24be1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29076208
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8525
expires: Wed, 11 Jan 2023 10:23:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 10 KB
10 KB 26ms
25ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ace8a885512a44c6b6d25dca32b74faafa298174a47cee254fbb0df131b057d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10320
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 7 KB
7 KB 29ms
28ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.imgix.net%2Faccounts%2Flogos%2F145%2Foriginal_1547035950.svg%3Fw%3D300%26h%3D300%26fit%3Dfill%26fill%3Dsolid%26fill-color%3Dffffff&v=3&w=400&s=BoAIsw2XkMuhgOce0klXBf4r&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8c49fe0bac584ca240fc17c57e3f533fa6153ccb5745887c1350d6de10fe5a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28942883
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6780
expires: Mon, 09 Jan 2023 21:21:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 17 KB
17 KB 28ms
28ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e892adf36677c39e52a7fa563fb0371395cfa92b0ccfdaeb21cb60d110b5b5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17088
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD74 15 KB
15 KB 38ms
37ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d1916f330065c0894fe52d47af002d4f81ddb8f6670ae0aef95bb3ebb8777e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 15464
expires: Fri, 03 Feb 2023 21:39:46 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DD74 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=TFZ2Ny7lkg5pidaDgB_L6yPaFYd7kDb8_ZfwxJbnL0seSuPogh6_BA7VMtaT8YBJ9Hh2yMvZcABU8Ww_1CTP-Uqu0tOM35OqUHoshw8AouJFHiT1jh2MIKricBb4VdVKTc2eIXj0uVazbTqgAT7ud9NU1gmaBVUjhc_7NRtENOWtQjhln6-mLiw0fX_s4vjVy2ysmDPVqszyqG8KaZkEK_ixJG6iVeebzpOoDlKty5SrSzZxOFjSLDblaq8PV-q9b4m5Lw&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:45 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DD74 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DD74 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7E80 664 B
356 B 46ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 20:18:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Feb 2022 21:39:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H3

200

B27050295.324629000;dc_pre=CNWlwfKI8fUCFQiKdwodgboFcA;dc_trk_aid=516909492;dc_trk_cid=164277123;ord=1644356386228;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N572608.468584AMNETGROUP/ Frame 93F7
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N572608.468584AMNETGROUP/B27050295.324629000;dc_trk_aid=516909492;dc_trk_cid=164277123;ord=1644356386228;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimp/N572608.468584AMNETGROUP/B27050295.324629000;dc_pre=CNWlwfKI8fUCFQiKdwodgboFcA;dc_trk_aid=516909492;dc_trk_cid=164277123;ord=1644356386228;dc_lat=;dc_rdid=;t...

42 B
63 B

45ms
27ms

Image
image/gif

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N572608.468584AMNETGROUP/B27050295.324629000;dc_pre=CNWlwfKI8fUCFQiKdwodgboFcA;dc_trk_aid=516909492;dc_trk_cid=164277123;ord=1644356386228;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N572608.468584AMNETGROUP/B27050295.324629000;dc_pre=CNWlwfKI8fUCFQiKdwodgboFcA;dc_trk_aid=516909492;dc_trk_cid=164277123;ord=1644356386228;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3DDB 664 B
356 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 20:19:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Feb 2022 21:39:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H/1.1 200
OK adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame 29B8 35 B
2 KB 97ms
50ms Image
image/gif 2a02:26f0:12d:5ac::1ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=9846909&rnd=1644356386230&gdpr=0&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d:5ac::1ec4 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:5b4dbfaf-2d3f-4217-81a4-dbc3623f316f
Pragma: no-cache
Referrer-Policy: unsafe-url
X-Frame-Options: ALLOWALL
Date: Tue, 08 Feb 2022 21:39:46 GMT
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Expose-Headers: Request-Context
Cache-Control: max-age=0, no-cache
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H2 200 e.gif
mfad.inskinad.com/ Frame 006A 43 B
498 B 102ms
102ms Image
image/gif 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mfad.inskinad.com/e.gif?e=eyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6NDB9&s=yqFo_2CjR38vlI3lIMAbjG6sT10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1a-i-042201b6289056f56

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3DDB 18 KB
18 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4d7cb6befbc94ef68864ea0fd38e137942b2bb646c9861684558d478407ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17934
expires: Fri, 03 Feb 2023 21:39:46 GMT

GET
H2 200 1 Show response
serving.stat-rock.com/v1/placements/WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c/code/js/ Frame D89A 4 KB
2 KB 95ms
30ms XHR
application/json 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/v1/placements/WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c/code/js/1?url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&b=0.9837536755825296
Requested by: Host: player.urdupoint.com
URL: https://player.urdupoint.com/player/urdupoint.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: eae0597bc9cebc5af113044ad2604ee5a90e5578c4f8808f32331d2efca0650d

Request headers

Accept: */*
Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
server: nginx
srvb: 127.0.0.1:8082
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://www.urdupoint.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
srvf: 95.217.58.251

GET
H3 200 css
fonts.googleapis.com/ Frame DD74 664 B
356 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 20:49:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Feb 2022 21:39:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H2 200 cta.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 3 KB
3 KB 17ms
15ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/cta.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d6604d09cecfa8255dbf5406ddc20c24bb740b06fa45bac102eedc88f5262923

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 2847

GET
H2 200 small-copy.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 1 KB
2 KB 16ms
15ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/small-copy.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dd92368aaf473b2dd2aa6f40fb7778a176018eab93b8e5b378f811e5cac68d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1438

GET
H2 200 scroll-logo.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame B090 2 KB
2 KB 17ms
16ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/scroll-logo.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ae104e978ce1199491a3aa09a96a5d67f93acda03b609d703a814d8dc9810a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/right.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1800&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1930

GET
H2 200 cta.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 3 KB
3 KB 23ms
23ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/cta.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d6604d09cecfa8255dbf5406ddc20c24bb740b06fa45bac102eedc88f5262923

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 2847

GET
H2 200 small-copy.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 1 KB
2 KB 24ms
23ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/small-copy.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dd92368aaf473b2dd2aa6f40fb7778a176018eab93b8e5b378f811e5cac68d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1438

GET
H2 200 scroll-logo.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame 4AE2 2 KB
2 KB 24ms
24ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/scroll-logo.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ae104e978ce1199491a3aa09a96a5d67f93acda03b609d703a814d8dc9810a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/left.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1802&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:46 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 1930

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D89A 0
0 44ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqvaETGuFUycIP2cJbEz2NhlM_oytBLosjDF1JABeRZZASn4wNescRLFrGfOMrtoD6XMeQCxErvaKRp59OtFezXIBipqe-XgW_uqREZ0c3q8L27DwADt5cF2tZBfdt8pQxOQOl12WSxnpaZeY7HfII6upPYoRn4_ewGBU5st3y7JjQvW_84DoAwtaTkMugyqx1CQM7Crff9-rSaLUml2XvClCOBNZZ6gLbAzE4pf5cF2mmIxdZ4jyoaoNRDg1eLReT_W1_SYYbbnUHx2OzJwCZRhQHQm2oKnnnGuFv0YhIUcthE-zjPw&sai=AMfl-YTjFoK5soFIA37yaR8az1Vkrw15qD-7NrFFG9G1AWSmI3uv6bUXFnAnApLc96bRONegoAnayteVtnRyAFsMK00wD4c1MEIbdJbY38NhBMKUi3NNqkD2fYjyla5CtbFL&sig=Cg0ArKJSzLM9FZHT45txEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Feb 2022 21:39:46 GMT

GET
H3 200 kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 24CA 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9110c998143339ef68f7bfb147a71ea72cb23dde25fdfc7965a2c1bef5b29bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 15:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 15:38:43 GMT

GET
H3 200 kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B05 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kRDJmBQzOe9o97-xR6cepyyyPd4l_fx5ZaLBvvWym_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9110c998143339ef68f7bfb147a71ea72cb23dde25fdfc7965a2c1bef5b29bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 15:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 15:38:43 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 7E80 23 KB
23 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 526156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:30 GMT

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame CB91 0
681 B 109ms
108ms Ping
text/html 68.67.179.135
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLLDGxLBgAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYD0XgE4RDgu2AIA4AKY8VzqAlxodHRwczovL3d3dy51cmR1cG9pbnQuY29tL2VuL3dvcmxkL3B1dGluLWJpZGVuLWFncmVlLXN0YXRlLW9mLXJ1c3NpYW4tdXMtY29vcGVyLTE0MjEwMzMuaHRtbIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEmcnRnwGIBQGYBQCgBf___________wGqBSQ5MDMwZWU5ZS02ZGFkLTRkM2YtODMwZS03NGRiY2E3ZjYwOTPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEFBddhBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FKa4BARRIZ0FnUUUBCgkBdElnQkFKQUJBSm9CQWdnQZAGAJgGAKIGDzEzMjMxIwX6JDQ0NDS4BgHBBgAFASjwP9AGrUTaBhYKEAUQHQEoEAAYAOAGAeoGOnWtDhg1ODE1MDE0NtIEAR2pDhA5MTQ1OTYdAETyBgIIAIAHAYgHAKAHAboHDwgFV0QgADAAOL0GQADIB4TKBdIHDQkReAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=9801629389af1974885ad1e37ecdefa3218dfebd&type=nv&nvt=5&jm=1003&px=1180&py=2992&bw=140&bh=76&sid=4347453921409068246&vd=ct~0|rr~0&sv=222&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=22777846&sw=1600&sh=1200&pw=1600&ph=3548&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:46 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 550.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: ebff1ce5-b0c0-4c76-9d3d-16bbcdbe0587
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 3DDB 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 526156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:30 GMT

GET
H2 200 ados Show response
mfad.inskinad.com/ Frame CB91 3 KB
2 KB 111ms
111ms Script
application/javascript 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mfad.inskinad.com/ados?t=1644356386853&request=%7B%22Placements%22%3A%5B%7B%22A%22%3A9874%2C%22S%22%3A681017%2C%22D%22%3A%22ism-rtb-companion%22%2C%22AT%22%3A2163%2C%22RedirectUrl%22%3A%22-optional-click-macro-%22%7D%5D%2C%22Keywords%22%3A%22msftq22de%22%2C%22Referrer%22%3A%22%22%2C%22IsAsync%22%3Atrue%7D
Requested by: Host: mfad.inskinad.com
URL: https://mfad.inskinad.com/ados.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: d2bddf12640533fc563d3324c26896664b8738677f27b7488480a5cc08055e4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"a5b-Q7m1qvrEPvf/mf8zNTXw9lBGT84"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by: bifrost-production-shard001-us-east-1b-i-00e93c67f48021d0c

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5D31
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=urdupoint.com&sn=ChromeSyncframe&so=0&topUrl=www.urdupoint.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=vpzlR3xzSVFQY1pTMytoUXZPQU5xc3pDWGRvc0ozc2ttRXlHbTl3Wi9TZ2M4LytQTGtqWFRrUlZzdXA4OHBncUNZLythdUxTdlRwdnhvbElPZFI4ekZrSmNXZTBFRWtPdXd4T3laQTM4bkxLMHZxamo3T01Ndks4dFBXZ0...

419 B
627 B

62ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vpzlR3xzSVFQY1pTMytoUXZPQU5xc3pDWGRvc0ozc2ttRXlHbTl3Wi9TZ2M4LytQTGtqWFRrUlZzdXA4OHBncUNZLythdUxTdlRwdnhvbElPZFI4ekZrSmNXZTBFRWtPdXd4T3laQTM4bkxLMHZxamo3T01Ndks4dFBXZ0JHVXAyOThzbjh0K0ZNWmk1cHhGVXhJTlVwRHN2SVZxTThOL3NSY3FDT1NybW9jc2RXK3BDemdrOXU0Y205c3BLNXNTbTFQTVZXcXMwWHIxTTBXWUZTTjk2UjNMRlJlYWNXSnlyMDBlbDN6RXZJKzBnZmgvSGxLTVIrcGdOdkJ0VzF3UEtmSitjejFKNzVoNHpIZlVFNXF1SlJXVmdNUT09fA&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.urdupoint.com

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1bafcaf8729ad79c8fad5b0850e3bf90fa5bacf70385042659004a68276ac487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:46 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4816
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:45 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=vpzlR3xzSVFQY1pTMytoUXZPQU5xc3pDWGRvc0ozc2ttRXlHbTl3Wi9TZ2M4LytQTGtqWFRrUlZzdXA4OHBncUNZLythdUxTdlRwdnhvbElPZFI4ekZrSmNXZTBFRWtPdXd4T3laQTM4bkxLMHZxamo3T01Ndks4dFBXZ0JHVXAyOThzbjh0K0ZNWmk1cHhGVXhJTlVwRHN2SVZxTThOL3NSY3FDT1NybW9jc2RXK3BDemdrOXU0Y205c3BLNXNTbTFQTVZXcXMwWHIxTTBXWUZTTjk2UjNMRlJlYWNXSnlyMDBlbDN6RXZJKzBnZmgvSGxLTVIrcGdOdkJ0VzF3UEtmSitjejFKNzVoNHpIZlVFNXF1SlJXVmdNUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1966
content-length: 541
expires: 0

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame DD74 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 526156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:30 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame F1B0 930 B
931 B 39ms
9ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f95149a646&subid=&uid=c2a79c70b775f2c1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2A-yIeMCYuPdCqSplQfvlLHoBt2t6Khgu4_f1IgK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBN8BT9CBSxgQ4NKmt0q_3siPDu1nct7A5dPlG4-MIokEsIVDZ4QlR0OgZmBCBEXlZkwIUDd8ORV5-srN6ZRLAlWUYcpL3EvTgUSpnb1H6a6zLcca4Ae17KB-9Zd4OBDfMgedcsHVsHFrd3EE_tU2ZYNdE-TcdTzhFkYOEK86tPcSbTCSi0NttDSRIQElXS5W_SonuaImuJ1bsuUPlp1i0_Ee1x1Rm8p_8Mge8o_6O2fLTGSfwIr5PuS3Ojf5aDv4egX18sv71ybmhYztZsBKpTjs8UV5h05XAj_JL1VZDtCGFMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw%26sig%3DAOD64_1Zo_mNtXVj1t6oWuM645kgx96CxQ%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-AuTl8iLKu7pS1ME5Tp7OnEIM7a2IcY1uVAmo6DTzcGg6Gjsn-cbLmDz0AFyvW7WeCi3uvxRI3fRg68kLQZmTe3twdbu5esbZoA_9pgJzIcOO4ArvpwQIQXquihsOaIs_mIP4yY7MIwrNOaJFyS2l4aEbtZ3w%26cry%3D1%26dbm_d%3DAKAmf-AxiufkYn11js9qP6mGn9LrZpqUJNKYDMWu9BP8vRXaUN3hFNuj9KbmoHcSL1Y1I-GH-0L6q7o7W5euKe-Ey1QxB-L9nZ1_6C_nq9WbqJqnmfJkXfkoH-tPOLIGNJgVttrzkpc4cCwOMk0hdPQkMLtL2dsFYa6SxEQyatnU3iX0bmoln8XptUoYYnPSlEv2co03m3QvfagrgkBEARuFjp-lZXWXBCNUrXrCwVQ_96204jmEmrWkt2q7YNCFJKbm60aHiDKdmNnCLe0CUiiYXWnY3a0PlQRT83gvt3jvQPPqi5Jo8H9kZUKvr7gj8IGDRDPIpLc17FgJactj8BEgpxKuD3qtFzT-GaAdFCdJRiQKqSCDHVerMWPzNfzk89JMc4a3vPQp4174VrC1B0Pv6Dlu0E9X3CaIFvgBDE1VgTAdswGaf_2xzrdzupVC7n1CHngRqjOspas2OTHlMi4pj4eGo3rvdoMRTjpej0f6asMY1bpQ5dSQwYGSlj4Z9yCL9SUK0CNwCijPXRcoqA9hLK8OOr9t8Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=9312583503684&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Tue, 08 Feb 2022 21:39:46 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 15 Feb 2022 21:39:46 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame 91D5 7 KB
3 KB 35ms
12ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=36926100239878200757589011864001&a=383057c9
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=f95149a646&subid=&uid=c2a79c70b775f2c1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2A-yIeMCYuPdCqSplQfvlLHoBt2t6Khgu4_f1IgK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBN8BT9CBSxgQ4NKmt0q_3siPDu1nct7A5dPlG4-MIokEsIVDZ4QlR0OgZmBCBEXlZkwIUDd8ORV5-srN6ZRLAlWUYcpL3EvTgUSpnb1H6a6zLcca4Ae17KB-9Zd4OBDfMgedcsHVsHFrd3EE_tU2ZYNdE-TcdTzhFkYOEK86tPcSbTCSi0NttDSRIQElXS5W_SonuaImuJ1bsuUPlp1i0_Ee1x1Rm8p_8Mge8o_6O2fLTGSfwIr5PuS3Ojf5aDv4egX18sv71ybmhYztZsBKpTjs8UV5h05XAj_JL1VZDtCGFMAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoM4MY1yVwUZe93TBJJXhBZSp8Fw%26sig%3DAOD64_1Zo_mNtXVj1t6oWuM645kgx96CxQ%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-AuTl8iLKu7pS1ME5Tp7OnEIM7a2IcY1uVAmo6DTzcGg6Gjsn-cbLmDz0AFyvW7WeCi3uvxRI3fRg68kLQZmTe3twdbu5esbZoA_9pgJzIcOO4ArvpwQIQXquihsOaIs_mIP4yY7MIwrNOaJFyS2l4aEbtZ3w%26cry%3D1%26dbm_d%3DAKAmf-AxiufkYn11js9qP6mGn9LrZpqUJNKYDMWu9BP8vRXaUN3hFNuj9KbmoHcSL1Y1I-GH-0L6q7o7W5euKe-Ey1QxB-L9nZ1_6C_nq9WbqJqnmfJkXfkoH-tPOLIGNJgVttrzkpc4cCwOMk0hdPQkMLtL2dsFYa6SxEQyatnU3iX0bmoln8XptUoYYnPSlEv2co03m3QvfagrgkBEARuFjp-lZXWXBCNUrXrCwVQ_96204jmEmrWkt2q7YNCFJKbm60aHiDKdmNnCLe0CUiiYXWnY3a0PlQRT83gvt3jvQPPqi5Jo8H9kZUKvr7gj8IGDRDPIpLc17FgJactj8BEgpxKuD3qtFzT-GaAdFCdJRiQKqSCDHVerMWPzNfzk89JMc4a3vPQp4174VrC1B0Pv6Dlu0E9X3CaIFvgBDE1VgTAdswGaf_2xzrdzupVC7n1CHngRqjOspas2OTHlMi4pj4eGo3rvdoMRTjpej0f6asMY1bpQ5dSQwYGSlj4Z9yCL9SUK0CNwCijPXRcoqA9hLK8OOr9t8Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=9312583503684&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 16133c0daae66bb7829e8ef8b9095b58106261f298e7aa367df09ff05e60d1aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 08 Feb 2022 21:39:46 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2402
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0B4E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6fa224fce81d86ca034be18a4c8bfead634b2beeebf09b8c7a47495c2cffe5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
adv.office-partner.de/ Frame 8734 930 B
930 B 23ms
9ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=5e63c7c593&subid=&uid=89bc405dce2c6405&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCV8PPIeMCYubdCqSplQfvlLHoBt2t6KhgqNy3x7kK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBNsBT9By3MCBzn0_nwDyrQrMyl8e-FX-ABo02zy35xJMUsTdYr9_63FZ28PAgSXrSehez6xzGRuMUt_1S82I2TVAvGCd17eD03_esO4A0Jts4V5g_58JPErGnzGfyec7xpeptKtPIMZh6kdrKt2jyfJY2Hz_4TIVV8C9COoP83xJsxOhEHZL2yoaWb7TW3gYxCapXJy0NEg6eLgTOpOicqk51DK1KUpT_IQWW26SiuuD7vvS5R204FREpAL7zSxoQB4b6DT8OkYZgs0Zbw55bmg25ZdcL-xwiCu3iks6wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw%26sig%3DAOD64_2VJkTRdFp-W8kyotsKYvWjhkPUBw%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-B5DhX-KtoNaT5obLZASzpeyfvo3kcpUrodxtk9AkBiMdJPlIqDEJNo_xYdwv3x_J_yWFf-szXDONOvM64R9M8XT6RQF5mFh6sAD71fiDS3LcYwVC9NP1QimGZLTq9_OptoECfCinfHJCRhhC_Gsvz2z5XFoQ%26cry%3D1%26dbm_d%3DAKAmf-Bw6Nnm_go5ZTKWCdXHLnqL53K_xzKPm0lUDvUXQVEBkXGfi7lpmWTN4CG3_nYqQid3G_jE7SkAcC3hwu3Ne2sceQXCpHPzWa2xgcTwgs8UZINy7rR0nryNIxbmWPZ1ZBADwoz01mvJezQcyFuaXVr2IK4tankdaWOXUCbHkSWn0SKdACiFix6nj2Ss9wuWiZoJSs2oZfBa0o_eItB-nBguAQkEju7PgaOAqxPSEk9m-JDs9XpVsnjRtOv07KAZxFWuRilvCaobXBlx4PnbIA2wOch5Ymk4QWNetSS3aT0NgAYd2ysMzjWvxUuFTFJq5z5ufHyUDvTFpvdyri19Au4H9X4px3HbVZL7mOIEXfFfb-5UR3c_W1319eLwTvhzAAZSLunTd9nzEX35Rm-L90Fjf4VxGkQrlIN29RarvNBmi5WrONnWsIJtbUmKmBosDRaQyR6po1P98-eWMWBubR8cSYoT7RRDOXMX-3syVwp3xXoNId03W3zs4JCsPOHr5FKuyJdaXou1FdRYnJEYMG3UkCuONQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=1327006203056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Tue, 08 Feb 2022 21:39:46 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 15 Feb 2022 21:39:46 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame FAE6 7 KB
3 KB 36ms
12ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=5e63c7c593&subid=&uid=89bc405dce2c6405&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCV8PPIeMCYubdCqSplQfvlLHoBt2t6KhgqNy3x7kK8C4QASC-lpouYJX68IGMB8gBCakC0GHVQJwosz6oAwGqBNsBT9By3MCBzn0_nwDyrQrMyl8e-FX-ABo02zy35xJMUsTdYr9_63FZ28PAgSXrSehez6xzGRuMUt_1S82I2TVAvGCd17eD03_esO4A0Jts4V5g_58JPErGnzGfyec7xpeptKtPIMZh6kdrKt2jyfJY2Hz_4TIVV8C9COoP83xJsxOhEHZL2yoaWb7TW3gYxCapXJy0NEg6eLgTOpOicqk51DK1KUpT_IQWW26SiuuD7vvS5R204FREpAL7zSxoQB4b6DT8OkYZgs0Zbw55bmg25ZdcL-xwiCu3iks6wATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5rN6A3QEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw%26sig%3DAOD64_2VJkTRdFp-W8kyotsKYvWjhkPUBw%26client%3Dca-pub-2880359506957066%26dbm_c%3DAKAmf-B5DhX-KtoNaT5obLZASzpeyfvo3kcpUrodxtk9AkBiMdJPlIqDEJNo_xYdwv3x_J_yWFf-szXDONOvM64R9M8XT6RQF5mFh6sAD71fiDS3LcYwVC9NP1QimGZLTq9_OptoECfCinfHJCRhhC_Gsvz2z5XFoQ%26cry%3D1%26dbm_d%3DAKAmf-Bw6Nnm_go5ZTKWCdXHLnqL53K_xzKPm0lUDvUXQVEBkXGfi7lpmWTN4CG3_nYqQid3G_jE7SkAcC3hwu3Ne2sceQXCpHPzWa2xgcTwgs8UZINy7rR0nryNIxbmWPZ1ZBADwoz01mvJezQcyFuaXVr2IK4tankdaWOXUCbHkSWn0SKdACiFix6nj2Ss9wuWiZoJSs2oZfBa0o_eItB-nBguAQkEju7PgaOAqxPSEk9m-JDs9XpVsnjRtOv07KAZxFWuRilvCaobXBlx4PnbIA2wOch5Ymk4QWNetSS3aT0NgAYd2ysMzjWvxUuFTFJq5z5ufHyUDvTFpvdyri19Au4H9X4px3HbVZL7mOIEXfFfb-5UR3c_W1319eLwTvhzAAZSLunTd9nzEX35Rm-L90Fjf4VxGkQrlIN29RarvNBmi5WrONnWsIJtbUmKmBosDRaQyR6po1P98-eWMWBubR8cSYoT7RRDOXMX-3syVwp3xXoNId03W3zs4JCsPOHr5FKuyJdaXou1FdRYnJEYMG3UkCuONQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.urdupoint.com%2F&ancestorOrigins=https%3A%2F%2Fwww.urdupoint.com&random=1327006203056&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 316a623e753d4cdbb7d7744ed8720f923e9c591a85822011cb9016285fa5be59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/

Response headers

Date: Tue, 08 Feb 2022 21:39:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 08 Feb 2022 21:39:46 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2428
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame FFAB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1ffabab445f06d02e23cb15f57763cb298d8169ae654a5d76db23c607bc905

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 29ms
29ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1644356386871.754&type=INIT&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=260&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3B&r=0.38179559210433167
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:46 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D89A 376 KB
125 KB 56ms
18ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.urdupoint.com
URL: https://player.urdupoint.com/player/urdupoint.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127061
x-xss-protection: 0
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/22650/340306/1793210/203/ Frame D89A 2 KB
1 KB 65ms
14ms XHR
text/xml 2.20.164.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/22650/340306/1793210/203/vast.xml?tg_c.language=eng
Requested by: Host: player.urdupoint.com
URL: https://player.urdupoint.com/player/urdupoint.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.164.14 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-164-14.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 89c8348c21d8d2004dc450c8a76d223a3554cbfa4e1be659722d056cf94d75b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:47 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 882
Expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame D89A 2 KB
993 B 93ms
34ms XHR
application/xml 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=160046&siteId=769468&adId=3310873&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=224&vw=400&placement=3&vtype=0&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Requested by: Host: player.urdupoint.com
URL: https://player.urdupoint.com/player/urdupoint.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 43f13c8c428fc3566777612f36302000df9c5eeb9bafc6c8b9d57f66d76dacbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23df-5d77a515ac2dc"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.urdupoint.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 733
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET

pixel
cm.g.doubleclick.net/ Frame D89A
Redirect Chain

https://urdupoint-d.openx.net/v/1.0/av?auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2...
https://urdupoint-d.openx.net/v/1.0/av?cc=1&auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%2...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 29ms
29ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1644356386871.754&type=REQUEST&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=gYTT2MnyOTwfj4MFL41kVXv6kYGE0DzTTA554SAQlPdk57UVI8fn&vtId=y4SwV9_MFT5Ckai__n9121csEsuEtNSV1XQEPKSUYMcVl8MQ8nQm&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=270&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9078850747917302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:46 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 30ms
29ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644356386871.754&type=REQUEST&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=kJQcAHA-e0Hy0tv4jsMpHxr-tZCUH1vFKn4Yo3rPZoXovtZBGErD&vtId=9Gvi0STU-TOSyPhsmBj4IT55ZwuUGaOCnsaX4aaeX--snJiYzJhq&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=278&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Avast%3Bt%3Aurl%3B&r=0.6457413950880038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:46 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 30ms
30ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644356386871.754&type=REQUEST&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=CkMNFtDknFCVeTMYJimoUs7SYwpDDtvmol5Y1Vxh4J9bOfVMDorF&vtId=lZazTLStMXlZUZeFrMmXVlNjYJWWtxEbbKv52BzC3e8KGaAfytA5&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=278&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Avast%3Bt%3Aurl%3B&r=0.5676765702994224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:46 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 206 t.mp4
serving.stat-rock.com/player/video/ Frame D89A 3 KB
3 KB 91ms
30ms Media
video/mp4 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/video/t.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: e80d56ecb1bf6466f69023c1aeda99091de79f7e74b2dba9737c46e7ae9dc900

Request headers

Referer: https://www.urdupoint.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Thu, 20 Sep 2018 14:11:16 GMT
server: nginx
etag: "5ba3aa84-afd"
content-type: video/mp4
Content-Range: bytes 0-2812/2813
cache-control: public, max-age=31536000
Content-Length: 2813

GET
H2 200 3.21.0.js Show response
serving.stat-rock.com/player/pb/ Frame BB9B 1 MB
414 KB 113ms
60ms Script
application/javascript 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/pb/3.21.0.js
Requested by: Host: player.urdupoint.com
URL: https://player.urdupoint.com/player/urdupoint.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0fad26f2753c5c0612ab62a0e09024d5c267ed229bd679db4c9d63c79d5a8e07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 07:47:37 GMT
server: nginx
etag: W/"5ed60419-162f16"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 cp.0.1.6.c.js Show response
serving.stat-rock.com/player/pb/ Frame BB9B 13 KB
4 KB 82ms
30ms Script
application/javascript 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/pb/cp.0.1.6.c.js
Requested by: Host: player.urdupoint.com
URL: https://player.urdupoint.com/player/urdupoint.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 83482a1db943014304d7a9734fa8639069e152a5b378867654650b8a0a9d2a4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 09:44:52 GMT
server: nginx
etag: W/"6200ea14-324a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 moatad.js Show response
z.moatads.com/inskinmedia689754970364/ 317 KB
106 KB 57ms
14ms Script
application/x-javascript 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/inskinmedia689754970364/moatad.js
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecbb4aacf984a4cfa465a283e1ea03af14494bdfdac05555a68bcdcbaa71229d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:29:09 GMT
server: AmazonS3
x-amz-request-id: 4BJ3EXR9DK2FE0V8
etag: "c832479514ce8d26c2244e33f5279271"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=47056
accept-ranges: bytes
content-length: 108451
x-amz-id-2: TdXI+uFeaI3s6EWo+Z2jzsNL1rCzmkimFELE1a2j1DZ4bTYUUCwgMc6rJsZvuJRB6j/JNKkTI8Q=

GET
H2 200 attn.js Show response
cdn.lamp.avct.cloud/ 47 KB
13 KB 38ms
7ms Script
application/javascript 143.204.98.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lamp.avct.cloud/attn.js?aid=60ab6e2f8195e5bdd2227731&mid=60ab6e4d8195e5bdd2227732&mt=displayBanner&customModel={{device}}Inskin&cp_publisherId=128442&cp_campaignId=54997337&cp_creativeId=70640996&cp_lineItemId=124842716&cp_device=Desktop&cp_format=Superwide
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10a773e4fd0d757ed34cd27d442ea2cacd361ddc10b814e84c4c9d4466139477

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 04:31:54 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 08:53:43 GMT
server: AmazonS3
age: 61685
etag: W/"2f177f4a4bcc2a2de5dc64013302f67c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dFXBZkiGz7SPjZi3JSsCTzVHnjWAqK3Z8JwrE8QddQgCt4ljE98ljQ==

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/923387/59920991/ 46 KB
13 KB 155ms
64ms Script
application/javascript 52.50.160.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/923387/59920991/skeleton.js?ias_adpath=%23ISMViewability&ias_dspID=2&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.160.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-160-17.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 92d140724a3ae3abdf661f48ad7a6d05a0cacc1a557ef8264bfb16c742d741d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
x-server-name: app14.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

POST
H2 204 rec Show response
t.inskinad.com/ Frame 5FAE 0
37 B 16ms
16ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:47 GMT
via: 1.1 google

GET
H2 200 big-play.png
cdn.inskinad.com/CreativeAssets/VideoIcons/ Frame AEBF 3 KB
3 KB 8ms
7ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeAssets/VideoIcons/big-play.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c8dbf50c8d9c5f35cb0e66aef3544e8cc34893f9125fc68a0677172523676ac8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Thu, 02 Apr 2015 11:43:38 GMT
server: AkamaiNetStorage
etag: "8b4638a0c04732eb1a608c0dae1fa212:1490019781"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 3377

GET
H2 200 playpause.png
cdn.inskinad.com/CreativeAssets/VideoIcons/ Frame AEBF 1 KB
1 KB 8ms
8ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeAssets/VideoIcons/playpause.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a1cf7ec7045abb1a1170e392a7d2bdd3f9d94403a3f15855b01f4457c01f9c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Thu, 09 Apr 2015 10:46:37 GMT
server: AkamaiNetStorage
etag: "2661bc759fd1f950a9d5f6e0953a886d:1490019781"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=28735
accept-ranges: bytes
content-length: 1351

GET
H2 200 mute.png
cdn.inskinad.com/CreativeAssets/VideoIcons/ Frame AEBF 2 KB
2 KB 9ms
8ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeAssets/VideoIcons/mute.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6d4b458aa1f892c514e1f39e6fd68c32cced29107f96c0275caeccc0ee72f144

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Thu, 02 Apr 2015 16:03:23 GMT
server: AkamaiNetStorage
etag: "f460549e509f0f5b783e9b7090b5bff5:1490019781"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=28713
accept-ranges: bytes
content-length: 1702

GET
H2 200 poster.png
cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/ Frame AEBF 38 KB
38 KB 8ms
8ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/assets/poster.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8994fd136b81b37275d59b868c7b1e167c2a8d296a151210eb572cd3cadbcdfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Mon, 24 Jan 2022 13:31:06 GMT
server: AkamaiNetStorage
etag: "05f508d690885eb1b1f2ddf12c0a0253:1643031066.620427"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=32401
accept-ranges: bytes
content-length: 39022

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 91D5 89 KB
32 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=36926100239878200757589011864001&a=383057c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Feb 2023 19:35:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame FAE6 89 KB
32 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Feb 2023 19:35:21 GMT

GET
H2 206 video2.mp4
video.inskinad.com/VIDEO_ASSETS/202201_VIDEOS/61e9412d4b4f522cb319ce53_1/ Frame AEBF 2 MB
2 MB 19ms
7ms Media
video/mp4 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video.inskinad.com/VIDEO_ASSETS/202201_VIDEOS/61e9412d4b4f522cb319ce53_1/video2.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e988099bf9b4b33a81c17328a70485f6b6643eebf69a3f5446586b0488920927

Request headers

Referer: https://cdn.inskinad.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Mon, 24 Jan 2022 13:31:08 GMT
server: AkamaiNetStorage
access-control-allow-origin: *
etag: "7733cd26e735ea77ee1ce8035c75f265:1643031068.071229"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: video/mp4
Content-Range: bytes 0-1752627/1752628
cache-control: max-age=71071
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
Content-Length: 1752628
expires: Wed, 09 Feb 2022 17:24:18 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 532A 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubxrfPlFiWfc9eyaw8ye5PPDyk924t9tqwuJGMAgyXOWXMLJjYBm6lnWDdjx2mXlUVihzQXllEoBY3SfbepZve&sig=Cg0ArKJSzJEg-DgKsW94EAE&id=lidar2&mcvt=1046&p=172,315,422,1285&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3551852641&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644356385893&rpt=246&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 727E 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2D1iodt3Ietk6JsS6xdY85BnOiPHmGszRF5LwqSfzBHAZj6WOVUlNvMQy6WcJZh-llQ_aannq95fMdPIXDld5TqO2XfzyjaYeA8hN_yhz4p45ehxN&sig=Cg0ArKJSzLj9rAHY-raaEAE&id=lidar2&mcvt=1047&p=836,638,837,639&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20220207&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1106897171&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644356385866&rpt=289&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame F1B0 81 KB
31 KB 32ms
17ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ded692abc5a6b47dde32e2beac408b364d9340ea3d0707db79d4b9acb1da459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32137
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8734 81 KB
31 KB 43ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ded692abc5a6b47dde32e2beac408b364d9340ea3d0707db79d4b9acb1da459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32137
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H3 200 bridge3.496.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FF8E 601 KB
195 KB 28ms
9ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199641
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:21:04 GMT
expires: Wed, 08 Feb 2023 21:21:04 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 28 Jan 2022 21:03:56 GMT
content-type: text/html
age: 1123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D89A 44 KB
17 KB 145ms
71ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 33ms
31ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1644356386871.754&type=OPPORTUNITY&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=n15o6rcPnsM1&vtId=aTvCz_eSQpNDlnv-XHzFGQYRx2k7xn2diX4HTCNIhzlFrc8VL360&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=527&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.14149839653660345
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:47 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D89A 107 B
122 B 89ms
61ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.urdupoint.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 32ms
31ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644356386871.754&type=REQUEST&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=n15o6rcPnsM1&vtId=aTvCz_eSQpNDlnv-XHzFGQYRx2k7xn2diX4HTCNIhzlFrc8VL360&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=542&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.6338394374474414
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:47 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6F03 42 B
64 B 44ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRbI1VNIf-N7KXu8aXYbSGCJ1w0cga2iVj1WVzxsDDQlerFU_nfUrcthy2CpKnQyr0yj4aBuCYgAs9BZO_zhF_UyOaL-thD-uZJCbL1CvDdMTVKmTTYQ&sai=AMfl-YRlxh62WWkJ59tQ5HvsCW2w1-KiwTUNYcdYooIJLtcPylXsZp4iEv-rrUIgU-KsktxGzTH04t8wpbrw1MObrLEJicfic4dJo0Zg3mjjpa8MD4ZuAs9roFGrjNm2PaGb&sig=Cg0ArKJSzPBI8Sgm79PZEAE&id=ampim&o=1039,557&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1045&mtos=0,0,1045,1045,1045&tos=0,0,1045,0,0&tfs=279&tls=1324&g=100&h=100&tt=1324&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1194099197

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 playpause.png
cdn.inskinad.com/CreativeAssets/VideoIcons/ Frame AEBF 1 KB
1 KB 10ms
8ms Image
image/png 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.inskinad.com/CreativeAssets/VideoIcons/playpause.png
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/lib1643031061973.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a1cf7ec7045abb1a1170e392a7d2bdd3f9d94403a3f15855b01f4457c01f9c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Thu, 09 Apr 2015 10:46:37 GMT
server: AkamaiNetStorage
etag: "2661bc759fd1f950a9d5f6e0953a886d:1490019781"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=28735
accept-ranges: bytes
content-length: 1351

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame 91D5 0
150 B 35ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=36926100239878200757589011864001&a=e153f5a4&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=36926100239878200757589011864001&a=383057c9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=36926100239878200757589011864001&a=383057c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:47 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 91D5 1 KB
2 KB 243ms
136ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=264925&wgcampaignid=99582&js=1&clickref=36926100239878200757589011864001&viewref=36926100239878200757589011864001&nw=1
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=36926100239878200757589011864001&a=383057c9
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 1c81839dc84d8743c374e31ba72001a2dbcfaf99b87d7fcc2a079497159e6db4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:47 GMT
Last-Modified: Tue, 08 Feb 2022 21:39:47 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1267
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 91D5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame FAE6 0
150 B 35ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=92041200239878300757585011864001&a=87e5d590&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:47 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame FAE6 1 KB
2 KB 239ms
137ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2699625&wgcampaignid=99582&js=1&clickref=92041200239878300757585011864001&viewref=92041200239878300757585011864001&nw=1&cp=100400411
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: fc4f383a86e4f46049ebed9c5e17209e2a77006304590bc80818b0ebf7c7eef6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:47 GMT
Last-Modified: Tue, 08 Feb 2022 21:39:47 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1268
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FAE6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 n.js Show response
geo.moatads.com/ 84 B
258 B 103ms
24ms Script
text/html 18.135.229.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zkW3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-TA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INSKINMEDIA1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1644356387317&de=745044052508&m=0&ar=944fd8091a1-clean&iw=3b2b3d1&q=2&cb=0&ym=0&cu=1644356387317&ll=2&lm=0&ln=0&em=0&en=0&d=128442%3A54997337%3A70640996%3Aundefined&zMoatIMP=-&zMoatLII=124842716&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=-&zMoatPT=-&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&id=1&ii=4&bo=urdupoint.com&bd=urdupoint.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=inskinmedia689754970364&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1166%3A1166%3A1651%3A1182&jk=-1&jm=-1&fs=196859&na=2089362300&cs=0&ord=1644356387317&jv=2042296003&callback=DOMlessLLDcallback_76207059
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/inskinmedia689754970364/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.229.166 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-229-166.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: b4fecc285a0b71b6dcf796ba2eb212d1dace638a3e44304507caf66f6dd5c93f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "35f02e63ca967d87ad4e2cbd8c0dd9ed79e977bc"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
mb.moatads.com/s/ 140 B
315 B 98ms
26ms Script
text/html 18.135.139.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&pcode=inskinmedia689754970364&ord=1644356387317&jv=644247444&callback=BrandSafetyNadoscallback_76207059
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/inskinmedia689754970364/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.139.107 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-139-107.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: bcb3dafb29f12846651cee0298f7a338472923526283098e5d94d92d335bb089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "e8e12f0f8c244823cd2fc68eadc9ab9deedb2952"
content-length: 140
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 72ms
64ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INSKINMEDIA1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1644356387317&de=745044052508&m=0&ar=944fd8091a1-clean&iw=3b2b3d1&q=3&cb=0&ym=0&cu=1644356387317&ll=2&lm=0&ln=0&em=0&en=0&d=128442%3A54997337%3A70640996%3Aundefined&zMoatIMP=-&zMoatLII=124842716&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=-&zMoatPT=-&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&id=1&ii=4&bo=urdupoint.com&bd=urdupoint.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=inskinmedia689754970364&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1166%3A1166%3A1651%3A1182&jk=-1&jm=-1&fs=196859&na=1369607914&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2389 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 08 Feb 2022 22:30:47 GMT

GET
H2 200 28a40f1da9ed4f47800b7dc26149b9f0.jpg
cdn.mfad.inskinad.com/Advertisers/ Frame CB91 174 KB
175 KB 58ms
7ms Image
image/jpeg 2600:9000:2156:2a00:17:8296:f1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mfad.inskinad.com/Advertisers/28a40f1da9ed4f47800b7dc26149b9f0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:17:8296:f1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11bd67fae0e1a4be440fcce2b70cdbca1c98dfc6b8df10936d94523630992b11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:53:53 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jan 2022 15:30:44 GMT
server: AmazonS3
age: 733555
etag: "e1db0cac83b5cb7cc34724e7d2b898be"
x-cache: Hit from cloudfront
x-amz-version-id: _fvanwDQ8N7tDTMOmd2Vltx66D7F9J1b
cache-control: max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 178441
x-amz-cf-id: HkGBIbC6sbWWNNGyEDI9S2Gcd0ttwwstBdQXl9PjgI8s8zAu2IH6IQ==
expires: Sat, 24 Jan 2032 15:30:43 GMT

GET
H2 200 i.gif
mfad.inskinad.com/ Frame CB91 43 B
498 B 105ms
104ms Image
image/gif 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mfad.inskinad.com/i.gif?e=eyJ2IjoiMS4xMCIsImF2IjoxMzM2NjEsImF0IjoyMTYzLCJidCI6MCwiY20iOjIyMjcwNjIsImNoIjoyMzk2MiwiY2siOnt9LCJjciI6NjU4NzU1OTcsImRpIjoiODBiYWQwMWEzZDQ5NDBkZjhjMjlhY2FmMGEzM2M4MjAiLCJkaiI6MCwiaWkiOiIwYjdmN2RjMDA4OTA0NmMxODY3NDVkZjYwY2RjNTFiNSIsImRtIjoxLCJmYyI6MTE5MDM5ODM0LCJmbCI6MTEwOTc2NzA1LCJpcCI6IjEzOC4xOTkuMzguMTMzIiwibnciOjk4NzQsInBjIjowLCJvcCI6MCwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicHIiOjg5MzgxLCJydCI6MiwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMDBlOTNjNjdmNDgwMjFkMGMiLCJzcCI6MTI0ODMxMCwic3QiOjY4MTAxNywidWsiOiJ1ZTEtOGI2Nzc2MzEyYWNjNDcyYWI3NGU3NGJiYjcxNTk1OWUiLCJ0cyI6MTY0NDM1NjM4NjkxOCwiYmYiOnRydWUsInBuIjoiaXNtLXJ0Yi1jb21wYW5pb24iLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsInR6IjoiVVRDIiwiYmEiOjEsImZxIjowfQ&s=vnP8zGLe0XyOhNZLShZgzmldCKM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1a-i-042201b6289056f56

GET
H2 200 main.gr.19.8.284.js Show response
static.adsafeprotected.com/ 189 KB
60 KB 51ms
8ms Script
application/javascript 2600:9000:2156:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/923387/59920991/skeleton.js?ias_adpath=%23ISMViewability&ias_dspID=2&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:07:13 GMT
content-encoding: gzip
age: 1139555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jan 2022 16:52:12 GMT
server: AmazonS3
etag: W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary: Accept-Encoding
x-amz-version-id: dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: I1zEUy5PpNiAt-nV2OWpUfN2eWE2zORCrW27tfF47gvf1anzSZarVg==

GET
H3

200

av Show response
urdupoint-d.openx.net/v/1.0/ Frame D89A
Redirect Chain

https://urdupoint-d.openx.net/v/1.0/av?auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2...
https://urdupoint-d.openx.net/v/1.0/av?cc=1&auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%2...

48 B
78 B

25ms
25ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://urdupoint-d.openx.net/v/1.0/av?cc=1&auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cb=0.6415316643982265&vht=224&vwd=400&ip=138.199.38.133&lmt=$$DNT$$&gdpr=0&gdpr_consent=
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.urdupoint.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 08 Feb 2022 21:39:47 GMT
via: 1.1 google
server: OXGW/17.1.0
location: https://urdupoint-d.openx.net/v/1.0/av?cc=1&auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cb=0.6415316643982265&vht=224&vwd=400&ip=138.199.38.133&lmt=$$DNT$$&gdpr=0&gdpr_consent=
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.urdupoint.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 index.html Show response
cdn.inskinad.com/redirect/ Frame 3EF7 900 B
638 B 9ms
9ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fmfad.inskinad.com%2Fe.gif%3Fe%3DeyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6MjAzfQ%26s%3DVzHod8dhotkh1_vxmzgvRbB9yMs&tracker=true
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/lib1643031061973.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1

Response headers

accept-ranges: bytes
content-type: text/html
etag: "be5f029aae431ed80ad45333a334787f:1481726617"
last-modified: Wed, 14 Dec 2016 14:43:37 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=25064
date: Tue, 08 Feb 2022 21:39:47 GMT
content-length: 446
access-control-allow-origin: *

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.urdupoint.com%2F%2Fen%2Fworld%2F-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zkW3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-TA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=500&w=120&fy=1360&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&id=1&ii=4&f=0&j=&t=1644356387317&de=745044052508&cu=1644356387317&m=68&ar=944fd8091a1-clean&iw=3b2b3d1&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3549&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1166%3A1166%3A1651%3A1182&as=0&ag=25&an=0&gf=25&gg=0&ix=25&ic=25&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=25&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=49&cd=0&ah=49&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=128442%3A54997337%3A70640996%3Aundefined&bo=urdupoint.com&bd=urdupoint.com&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=124842716&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=COMPOSITE_ADS&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jk=-1&jm=-1&tc=0&fs=196859&na=336057957&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:47 GMT

POST
H2 204 rec Show response
t.inskinad.com/ Frame 5FAE 0
37 B 16ms
16ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:47 GMT
via: 1.1 google

POST
H2 204 rec Show response
t.inskinad.com/ 0
37 B 16ms
16ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:47 GMT
via: 1.1 google

GET
H2 200 pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 43 B
260 B 36ms
14ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=25&fi=1&apd=49&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=urdupoint.com&L1id=128442&L2id=54997337&L3id=70640996&L4id=0&S1id=urdupoint.com&S2id=urdupoint.com&ord=1644356387317&r=745044052508&t=meas&zMoatIMP=&zMoatPT=&zMoatLII=124842716&bedc=1&q=1&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H2 200 pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 43 B
260 B 45ms
23ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=25&fi=1&apd=49&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=urdupoint.com&L1id=128442&L2id=54997337&L3id=70640996&L4id=0&S1id=urdupoint.com&S2id=urdupoint.com&ord=1644356387317&r=745044052508&t=fv&zMoatIMP=&zMoatPT=&zMoatLII=124842716&bedc=1&q=2&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H2 200 pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 43 B
260 B 37ms
15ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=25&fi=1&apd=49&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=urdupoint.com&L1id=128442&L2id=54997337&L3id=70640996&L4id=0&S1id=urdupoint.com&S2id=urdupoint.com&ord=1644356387317&r=745044052508&t=bs&zMoatIMP=&zMoatPT=&zMoatLII=124842716&bedc=1&q=3&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H2 200 pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 43 B
260 B 34ms
17ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=207&fi=1&apd=231&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=urdupoint.com&L1id=128442&L2id=54997337&L3id=70640996&L4id=0&S1id=urdupoint.com&S2id=urdupoint.com&ord=1644356387317&r=745044052508&t=hdn&zMoatIMP=&zMoatPT=&zMoatLII=124842716&bedc=1&q=4&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H2 200 pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 43 B
260 B 36ms
19ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=207&fi=1&apd=231&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=urdupoint.com&L1id=128442&L2id=54997337&L3id=70640996&L4id=0&S1id=urdupoint.com&S2id=urdupoint.com&ord=1644356387317&r=745044052508&t=nht&zMoatIMP=&zMoatPT=&zMoatLII=124842716&bedc=1&q=5&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7E80 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame BB9B 483 B
950 B 46ms
20ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/pb/3.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 912135
x-amz-request-id: tx5b1e54f885424aff91758-0061f4f818
x-amz-id-2: tx5b1e54f885424aff91758-0061f4f818
last-modified: Wed, 26 Jan 2022 14:43:29 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEojPGGSQzmcg5uqbGyAXjb8tZ8BK3%2Bodha%2B7tFvTUvb%2BE2prV7RGWPLLARUBz6%2BqsTkrSbgRuW4UfJ4VYgoslejgWb2XeXYQuhbzpirIZPPSQx3ZHGYlHt%2BwMsMlRUq%2BYaRQ%2BzT9M6c%2FQtT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1643208209303360
cf-ray: 6da8033e988c9060-FRA

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ Frame BB9B 14 KB
2 KB 37ms
15ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/pb/3.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 42989
x-jsd-version: 1.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19158-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6da8033ebb51922f-FRA

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 29ms
29ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644356386871.754&type=REQUEST&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=2Q0W93kixUD9OJmDV2xD01UMKSby6qFOvkNjKo_jrWWophnvE2iV&vtId=wMz-M8jcvuEQDRzmxdPj_w38Qz8zBdvjpfky8TmmRi8d2hPXDOID&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=912&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Avast%3Bt%3Abidding%3B&r=0.04163066313820707
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:47 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/923387/59920991/skeleton.js?ias_adpath=%23ISMViewability&ias_dspID=2&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=http...
https://static.adsafeprotected.com/skeleton.js?ias_adpath=%23ISMViewability

17 B
465 B

7ms
7ms

Script
application/javascript

2600:9000:2156:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_adpath=%23ISMViewability
Protocol: H2
Server: 2600:9000:2156:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
age: 18709431
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: oG1jwlVnN-uQTKE6SIR_-olz8ZKhGo0-QMIqudeQXwowQCVn_sAhjA==

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_adpath=%23ISMViewability
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 5AD6 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:2156:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 6608309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: CXW4r479o0Ot068lpIz_rhZ430En32FuFJL6-C-zsksakp9P28oScA==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 91D5 51 KB
51 KB 61ms
8ms Script
application/javascript 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=264925&wgcampaignid=99582&js=1&clickref=36926100239878200757589011864001&viewref=36926100239878200757589011864001&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-5.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 55439
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 08 Feb 2022 06:15:48 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: iglLIt7tgfkMC0QRLFWH0EDSKS3nRAK7xOfgnyUsv-5xAE1mQdYnRQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 91D5 48 KB
48 KB 75ms
29ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=60749200235953600757589011864001&wglinkid=264925
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=36926100239878200757589011864001&a=383057c9
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 090dbba0b9af117640d424eccbf3fcaf3cee51f16dfe2fe1b630801284194c67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:47 GMT
Last-Modified: Tue, 08 Feb 2022 21:39:47 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame FAE6 51 KB
51 KB 68ms
15ms Script
application/javascript 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2699625&wgcampaignid=99582&js=1&clickref=92041200239878300757585011864001&viewref=92041200239878300757585011864001&nw=1&cp=100400411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-5.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 55439
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 08 Feb 2022 06:15:48 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: WcGkfCoWTDbb48i0js4vDlsnnCpDd99hJRTL9aUC-OevdDlls8xrFg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame FAE6 40 KB
40 KB 74ms
28ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=50903600281259600757585011864026&wglinkid=2699625
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 65e922cfc69467b7c0b7832e9e4249b4fd8198c870c7cbd4442fbafef764d78d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:47 GMT
Last-Modified: Tue, 08 Feb 2022 21:39:47 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24CA 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7xUkIeMCYvj_O9SMjuwP0ZO56AgAAAAAOAHgBAI&bg=!REelRwPNAAa4sGsQuLA7ACkAdvg8Wny3_u6AMLtHk6x8YTO0lY0z95ZArvkPaUIu3qN_Vb7sKamp5AIAAAH4UgAAAAJoAQeZAxf2n_kEGhcO1cBM9Y-aEA8C9vyhhzMIOuT39JvvayW0_Yrw8z0oZUmOTIJGZ-pMPdbz0q5zuYhrwGFqPv0rD2aUfmC2dOfuY5mutdEdlQ_NCO8bzVmoR1-4tX6W3uPrFqRMP-X5ll8f8ooSuJDTKHcKQ1kgzHH9GNOPqCMAA_iZ2Z9q1kXLv9-fYVjUomjAFmQznm7PG82iGAP4oy4FAl1-zs0sbFuStRPuwf77vrbRsfjRigSmPCHpJHZketxRZ5aCgoF4eTt2VQQOAyVTdStUYhiDpdvgcmRjR9gy5T-XllN_E4rD64-UxDIwIB59X-BX9V5jrbxSgGAdEA8JeCHPjxvOeEoZQT0emzuBvE-ys7Tsla7Ou4fz2uKRovyUKLmOwQH0hFq5BSw-DjOxoXejDlXGYssjxeboWnvI81yXwwxJuVdczOFvnBorq2XFGCRMbD56aSIF0DwEhEHredv6k9FYwEegrMcaQVUs7h-uKBaoXbPF1xqQVWM232PMziNV9Ya8X65aArxV8eyTGL0HEccPfBLy6Kr4N5GbuIQncN7B0LmMKLWtqI1LaxdxWTrDZaUzKNwkmGEm-CbxjOXvmVZrsn6nTrHSpZa4aSbB4904fpuIV-mgLb0Gb03WN2MW8VP4ksw2CiykFBynVN9VTa6bcsKVTAgxjvHjoe-onZRihplPyOKlDkA64dC94c8c1xmqNnF601fkeinz9FS405WM702Gx56X0JrXG0tK2TZse2czniZ1nZg7Jhiieg1_K_UoXFJW8yeylFVugiWnCWXzyk4bq8qh-hbsLaVN3b4j-CaU6lly-6omA3c71WiXJX2R3vBwYCZjLTJcb16O1Umu1D_tpQ-CI_uneIyMHIjAL1bjn3WFXJo_YzIksr-WMfhCx50e0tEdoBaiydvRr9vq25BhXa10LYN_DZOvAu4OfnaCJaMInlg4ZOJ5_ToBe9NJFYEjwZkvlICT6lYX1bPFAhtyMTcJ30vr5_CnJyy8O8SIuvEH4vUp1Qw1RDhNVNEXdu9qwEuiyRQmL5r857VdDHrH_g

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame BB9B 36 B
501 B 117ms
74ms XHR
application/json 92.122.254.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=552356&v=8.1&r=%7B%22id%22%3A%2212103f14c359e6%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22216b3a4c2af1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22552356%22%2C%22sid%22%3A%22400x300%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22startdelay%22%3A0%2C%22minduration%22%3A0%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1
Requested by: Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/pb/3.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c8a52aad4ee539d8abe8a8c36613b9324636264c0d3ed28e648fa612ddeab027

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:47 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[138.199.38.133], XFF:[]
Server: Apache
Content-Type: application/json
Access-Control-Allow-Origin: https://www.urdupoint.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 36
X-AK-CLIENT-GEO: 12
Expires: Tue, 08 Feb 2022 21:39:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B05 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtTjEIeMCYrCJPIWagQfdgoLgBAAAAAA4AeAEAg&bg=!PT6lPnrNAAa4sGsQuLA7ACkAdvg8Wlnj-nn302R9XP6EZBi1DwGK-0Slzn2Vr_9h0NyBnO9Y7ct8xwIAAAH0UgAAAAloAQeZAxVuGh85sBQMVExcxacD9J-MmMZZItRpi61XIzUPs46cyn_4K5qiC6Qhhu_M1x_ZcCI8-4o68Pr9RDgmIpnuoD8nz0gZTDSIc1E52dTGRALYrCmB_5JW6s5Ji6XFUL8i5NYFxWV1UFQLV69XG_a6on5t9V4k8Om0_y-Cuy07c9fWU202r4g18DuusME9vAHZPNYPGIGKKQfv-E98wqttXOM5vBEb8G_YfQKzW4rNp-ZqZlN6TS-5U3NgQ4m7ft_gOGo0Q9KvyTXuC4o66fh_qyH6p7A-4byhYOaYeYuoKts0-3f3icUYH-fE4tSOwD5kwxUaej8xW7TkKWci7FH7uPvCNCmuBT9BAgtb88uQIZo1E2zeBzq3A2OfkC9LqAkYjDUUyrUdytX0nN9Fn8Qp1n93UOZ-XbTbOPpzWPTUnpIubAKBmPGVpG75-bcjcusB_Gr0-gaQyfFdvd0SAo-TbSy9JSUAQfiEUHTAUT6-UBzrgvz4uwfhsNTOKIgzxlkMqErizNM80KCLMO74If9R197DM2auzsR-aURcBkPk-pMFWpJKfGjo__JiR9_CuXedldt4xTXs42ZzmypcwTA97DQUKO1BfcVKdzY4WN9SYzCRsxyDR-3vwRQsELwNDkPFhgYoJ9AvJPxgbm8DqRo7pwx0fRi6kLU0xzm9GON02DpPYCKpCERPBsiF0YHr4aZVxm2fUZiJYRMjxOQF1SxYaRkqIc7OjRrBEOAPLypkFHm4l6QEMiWLYwwihiuispk434IalFloeWBojZPzet03h9yZLLSARWIs4k-AOJWFezRwVKO_y-k9pPJ-8fk4DXkNVkZoF5JcPxzDwGVAO4IFSHY6QQORE1yXdD5_lwkfEv2gNa89dQPhx0vloQuRAhs_Yo-VjTMFmenSv0OeKmYYH8r1nWphwi0ntZ3ze4nWyDAIp5idkd8lFUap4ep_R8RqxRPyh0TIP-ZQ00z8QPrb9JSFJxZ_hMn-tDQejMEkseWxdcW6XA1wmvTh0hgICbGdazaCHW8blCFf2uSsb4Ue1OZIKFjSVqw

Requested by

Host: 111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
URL: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D89A 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupSEhEY_8D4cCoviN_iDMwCVpKI2JkVTKST0s2sSrE0Guu-BPxKR--QAyD4sWH3T8ZnFtsSRz770j7nMNW9w6aKKjO18723fNqKyacRA4gQMA9-pUE&sig=Cg0ArKJSzC6j0GfQu4LbEAE&id=lidar2&mcvt=1028&p=1114,638,1115,639&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20220207&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3741637513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644356385871&rpt=910&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e.gif
mfad.inskinad.com/ Frame 3EF7 43 B
498 B 101ms
101ms Image
image/gif 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mfad.inskinad.com/e.gif?e=eyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6MjAzfQ&s=VzHod8dhotkh1_vxmzgvRbB9yMs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1e-i-0246073805d7b0f71

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 310ms
97ms Image
image/gif 52.203.104.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=923387&asId=8fd422cc-dc51-b943-67ba-37e38904e2b8&tv=%7Bc:3Ftcvr,pingTime:-2,time:442,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:4459,beZ:4460,mfA:4718,cmA:4719,inA:4719,inZ:4723,prA:4723,prZ:4728,si:4740,poA:4741,poZ:4753,cmZ:4753,mfZ:4753,loA:4878,loZ:4879,ltA:4901,ltZ:4901%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:500,t:280%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:442,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:280,wc:0.0.1600.1200,ac:1360.0.120.500,am:sp,cc:0.0.1600.1200,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B180~100%5D,as:%5B180~120.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:sWT5Par+1*.923387-59920991%7C11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C173%7C174%7C18%7C191%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,slid:%5B%5D,sinceFw:160,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.104.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-104-151.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame BB9B 71 KB
23 KB 36ms
19ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1147668
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx1acad60afdf94c1a9364d-0061f1600d
x-amz-id-2: tx1acad60afdf94c1a9364d-0061f1600d
last-modified: Wed, 26 Jan 2022 14:43:28 GMT
server: cloudflare
etag: W/"88567a823cfd2840dd0a3198b929d466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIVz%2FncIYC%2BsYkUI%2F4nx8cp68qmn711abLfD8vAZw4VmWWnlHSAIClulyYAt%2FPVeQ5LUSLqTcCRamy3cFAa6PmwphwrsSWLz%2B42IiMfWXvJMl9hErCzsvJZnGW11a3TtPIL9MvTCn6EXVzxQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1643208208262354
cf-ray: 6da803404859913a-FRA
access-control-allow-headers: Authorization

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FF8E 18 KB
3 KB 258ms
258ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21678054%2Fvast%2Fplacement-one-1&description_url=https%3A%2F%2Fwww.urdupoint.com&tfcd=0&npa=0&sz=640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2124106739446695&vpa=auto&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1208601704&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=A7FCEDAB-67ED-46F9-A173-2E3913980485&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAYv4Od2u0vRQAAAAA%3D&nel=0&eid=44737475&top=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&dt=1644356387970&cookie=ID%3Db89d561ba5ff26d0-226967df38cd000d%3AT%3D1644356385%3AS%3DALNI_MbRYLf-ZrZnO6bGhdSNHCxS011iww&scor=1651349877628708&ged=ve4_td2_tt1_pd2_la2000_er1115.260.1273.560_vi0.0.1200.1600_vp54_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a57d66c4f3eb01bc15b88cc35e7adc32059db5c13fbe3a582020d687c28f1593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3065
x-xss-protection: 0
google-lineitem-id: 4793200007
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319690733
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
nym1-ib.adnxs-simple.com/ Frame CB91 0
681 B 137ms
137ms Ping
text/html 68.67.179.135
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&e=wqT_3QLLDGxLBgAAAwDWAAUBCKHGi5AGEPmngM7MkdOjYRj_EQF4ASo2CTsb9Z2NejpAEdbFbTSApzVAGaRwPQrX4zhAIRESJCn6sx8pIhBkQDERG7Aw9p_uCjivZ0CcWkgCUJnJ0Z8BWK7ClwFgAGiA1rQBeITKBYABAYoBA1VTRJIFBvBVmAHUB6ABrAKoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDQ4MDkwODMsIDE2NDQzNTYzODUpO3VmKCdpJywgNjcxNzE3NywgMTY2HQAwcicsIDMzNDc4MzY0MTY8APC8kgKNBCE4MmlITlFpUDZOa1lFSm5KMFo4QkdBQWdyc0tYQVRBQU9BQkFBRWljV2xEMm4tNEtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWWZTcjFGX2kyRkF3UUVRNkwwcEloQmtRTWtCQUFBQUFBQUE4RF9aQWJLNjFYUFMtLXNfNEFINV9aa0Q5UUZzVUJWRG1BSUFvQUlCdFFJQUFBQUF2UUlBATvwVXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpUbGxOTWpvMU5EY3g0QVBKTFlBRXBOckhCNGdFeXFIYkI1QUVBSmdFQWNFRUFBAVoBAQhESkIBBw0BGDJBUUE4UVENDkRBQUFJZ0YzeXFRQmR5aVVLa0YBEwEBEDhELXhCHSc0d1FWR1FyQjFEYXBpUU0uKAAEX1IuKAAIMlFVAT_wSUFBQUR3UC1BRjhkSFRCX0FGM095TENQZ0YtOEtsQW9JR0EwVlZVb2dHQkpBR0FaZ0dBS0VHMmh0OFlUSlZzRC1vQmdTeUJpUUpBAUsJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBITZSaUxCZzoRAthLN0Nsd0VnQUNnQU1kb2JmR0V5VmJBX09nbE9XVTB5T2pVME56RkF5UzFKc3JyVmM5TDc2ejlSAVsJAQBCHXkAQh15BEJwCSABAQRCeAEGCQEhzABrNYD0XgE4RDgu2AIA4AKY8VzqAlxodHRwczovL3d3dy51cmR1cG9pbnQuY29tL2VuL3dvcmxkL3B1dGluLWJpZGVuLWFncmVlLXN0YXRlLW9mLXJ1c3NpYW4tdXMtY29vcGVyLTE0MjEwMzMuaHRtbIADAYgDAJAD3KJQmAMUoAMBqgMAwAOsAsgDANgDwgPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAwxMzguMTk5LjM4LjCoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA8xMTU0OCNOWU0yOjU0NzHaBAIIAeAEAPAEmcnRnwGIBQGYBQCgBf___________wGqBSQ5MDMwZWU5ZS02ZGFkLTRkM2YtODMwZS03NGRiY2E3ZjYwOTPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWsoBv6BQQIABAAigZsY1JMVU9FMEFBddhBQWtDQlFFSTBhbUxDQkRtOWVJQ0dLUENuZ01nQmlnQVFNbW4yZ2RJbEt2YUIxREpMVmpjSW5FKa4BARRIZ0FnUUUBCgkBdElnQkFKQUJBSm9CQWdnQZAGAJgGAKIGDzEzMjMxIwX6JDQ0NDS4BgHBBgAFASjwP9AGrUTaBhYKEAUQHQEoEAAYAOAGAeoGOnWtDhg1ODE1MDE0NtIEAR2pDhA5MTQ1OTYdAETyBgIIAIAHAYgHAKAHAboHDwgFV0QgADAAOL0GQADIB4TKBdIHDQkReAF1CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=9801629389af1974885ad1e37ecdefa3218dfebd&type=pv&jm=1003&px=1039&py=807&bw=300&bh=250&sf=1&sid=4347453921409068246&vd=ct~0|rr~5&sv=222&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=22777846&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:48 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 550.bm-nginx-loadbalancer.mgmt.nym2; adnxs-simple.com
AN-X-Request-Uuid: 535bdf28-505b-4647-aa78-195bc5fb3537
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.urdupoint.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FFAB 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSvoqRw3bzxOI2GTTROonZ_tIlehqVETWM1hm7lCKULtBRX1zy4A7_PWoPlct3zVQNYL6byw4COvDnysYOU0u0VvZm3DjAfxyK6yr0&sai=AMfl-YQzjk75-YWS4nQJCmOecrXl9LTp4wIJIEd8Y4luWKgbs45k7hP_pa9TZCe2ETOOn9yebAcX_kUSXmTlXGc2iYIHXfFsU1jEKt2aqIkO44kS7kszIspPIqBz2bw0_aDQ&sig=Cg0ArKJSzPY1RQIu6mLQEAE&cid=CAASFeRo8d-HCNbXUrvQxcWDQtw0xomXcw&id=lidar2&mcvt=1000&p=260,540,350,1268&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2626557634&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644356385884&rpt=1062&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame D556 0
91 B 23ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.urdupoint.com
URL: https://www.urdupoint.com/ads/pb4.27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Tue, 08 Feb 2022 21:39:48 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1868067680547776839

0
390 B

1316ms
429ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1868067680547776839
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:49 GMT
Server: VertaMedia 1.0
Etag: 0a34f6dd8a604c00
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:48 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0138d582-2589-4b49-bd62-625264ef5b6b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1868067680547776839
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=0a34f6dd8a604c00

35 B
351 B

47ms
14ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=0a34f6dd8a604c00
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:49 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=0a34f6dd8a604c00
Date: Tue, 08 Feb 2022 21:39:48 GMT
Server: VertaMedia 1.0
Etag: 0a34f6dd8a604c00
Content-Length: 0

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
350 B 50ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:47 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b132epadc7me808g606l7abqgfkpchbp

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 96ms
96ms Image
image/gif 52.203.104.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=923387&asId=8fd422cc-dc51-b943-67ba-37e38904e2b8&tv=%7Bc:3FtcAm,pingTime:-10,time:747,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1644356388165%7C%7C852e052bc809fa68736a69dabc2243ee%7C%7C8866308252d63f9bf74b74e606896148%7C%7C7b243947dff30994408f67922aaf1179%7C%7Cb213cb9545fb359a622c276eeefe303a%7C%7Cbbb7e68f103ee931c956145242b21d59%7C%7C6615c96ed800b033a423ee7a35728909%7C%7C9223b398d39c6530aab2f51662a8588b%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.104.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-104-151.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FF8E 156 B
142 B 46ms
46ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21678054%2Fca-video-pub-2880359506957066-tag%2F5133431265&description_url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&tfcd=0&npa=0&sz=640x360&max_ad_duration=60000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2124106739446695&vpa=auto&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1208601704&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=A7FCEDAB-67ED-46F9-A173-2E3913980485&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAYv4Od2u0vRQAAAAA%3D&nel=0&eid=44737475&top=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&dt=1644356388265&cookie=ID%3Db89d561ba5ff26d0-226967df38cd000d%3AT%3D1644356385%3AS%3DALNI_MbRYLf-ZrZnO6bGhdSNHCxS011iww&scor=1651349877628708&fbidx=-1&ged=ve4_td2_tt1_pd2_la2000_er1115.260.1273.560_vi0.0.1200.1600_vp54_ts0_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FF8E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame FF8E 42 B
64 B 19ms
19ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bs60iI-MCYvDQPJGorATb-KGgCaDv3L5FAAAAEAEg9pm0HTgBWO33-6ODBGCV-vCBjAeyARF3d3cudXJkdXBvaW50LmNvbboBEzMzNngyNjksNjQweDM2MF94bWzIAQXaAVxodHRwczovL3d3dy51cmR1cG9pbnQuY29tL2VuL3dvcmxkL3B1dGluLWJpZGVuLWFncmVlLXN0YXRlLW9mLXJ1c3NpYW4tdXMtY29vcGVyLTE0MjEwMzMuaHRtbKkCf02n31iiOD7AAgLgAgDqAh4vMjE2NzgwNTQvdmFzdC9wbGFjZW1lbnQtb25lLTH4AoLSHpADjAaYA_wHqAMB0ASQTuAEAdIFBhCH28ntEZAGAaAGJKgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx_SCAkIgOGAEBABGB3YCAKACgWYCwGADAHQFQGAFwE&sigh=-DjXPLm9MZE&label=videoplayfailed303&acvw=[VIEWABILITY]&sdkv=h.3.496.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjQ3OTMyMDAwMDdAhgJSGSUAAHBCOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame FAE6 0
150 B 35ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=92041200239878300757585011864001&a=87e5d590&vb=v
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=92041200239878300757585011864001&a=92e6b01d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:48 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zkW3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-TA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=500&w=120&fy=1360&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&id=1&ii=4&f=0&j=&t=1644356387317&de=745044052508&cu=1644356387317&m=1322&ar=944fd8091a1-clean&iw=3b2b3d1&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3549&le=1&lf=185&lg=1&lh=48&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1166%3A1166%3A1651%3A1182&as=1&ag=1287&an=25&gi=1&gf=1287&gg=25&ix=1287&ic=1287&ez=1&ck=1287&kw=936&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1287&bx=25&ci=1287&jz=936&dj=1&aa=1&ad=1171&cn=0&gn=1&gk=1171&gl=0&ik=1171&co=1171&cp=936&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=936&cd=49&ah=936&am=49&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=128442%3A54997337%3A70640996%3Aundefined&bo=urdupoint.com&bd=urdupoint.com&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=124842716&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196859&na=1088208699&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:48 GMT

GET
H2 200 pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 43 B
260 B 21ms
21ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=936&tet=1287&fi=1&apd=1311&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=urdupoint.com&L1id=128442&L2id=54997337&L3id=70640996&L4id=0&S1id=urdupoint.com&S2id=urdupoint.com&ord=1644356387317&r=745044052508&t=iv&zMoatIMP=&zMoatPT=&zMoatLII=124842716&bedc=1&q=6&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:48 GMT

GET
H/1.1 200
OK bridge-31042.js Show response
video-ads.rubiconproject.com/video/ Frame 7A8C 65 KB
20 KB 16ms
16ms Script
application/javascript 2.20.164.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Requested by: Host: player.urdupoint.com
URL: https://player.urdupoint.com/player/urdupoint.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.164.14 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-164-14.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 21:39:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Nov 2021 09:48:04 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "103d9-5d185c1183d00-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 20289

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 29ms
29ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644356386871.754&type=OPPORTUNITY&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=gYTT2MnyOTwfj4MFL41kVXv6kYGE0DzTTA554SAQlPdk57UVI8fn&vtId=y4SwV9_MFT5Ckai__n9121csEsuEtNSV1XQEPKSUYMcVl8MQ8nQm&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=1984&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Avast%3Bt%3Aurl%3B&r=0.3421044578035226
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:48 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 91D5 16 B
232 B 85ms
85ms Fetch
application/json 34.242.207.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-207-34.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal90001.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Feb 2022 21:39:48 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 111ms
30ms Preflight 34.242.207.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 08 Feb 2022 21:39:48 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 95ms
30ms Preflight 34.242.207.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 08 Feb 2022 21:39:48 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame FAE6 16 B
232 B 85ms
84ms Fetch
application/json 34.242.207.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-207-34.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal90001.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Feb 2022 21:39:48 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
14ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zkW3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-TA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=500&w=120&fy=1360&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&id=1&ii=4&f=0&j=&t=1644356387317&de=745044052508&cu=1644356387317&m=1323&ar=944fd8091a1-clean&iw=3b2b3d1&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3549&le=1&lf=185&lg=1&lh=48&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1166%3A1166%3A1651%3A1182&as=1&ag=1287&an=1287&gi=1&gf=1287&gg=1287&ix=1287&ic=1287&ez=1&ck=1287&kw=936&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1287&bx=1287&ci=1287&jz=936&dj=1&aa=1&ad=1171&cn=1171&gn=1&gk=1171&gl=1171&ik=1171&co=1171&cp=936&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=936&cd=936&ah=936&am=936&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=128442%3A54997337%3A70640996%3Aundefined&bo=urdupoint.com&bd=urdupoint.com&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=124842716&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196859&na=360496261&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zkW3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-TA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=500&w=120&fy=1360&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&id=1&ii=4&f=0&j=&t=1644356387317&de=745044052508&cu=1644356387317&m=1323&ar=944fd8091a1-clean&iw=3b2b3d1&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3549&le=1&lf=185&lg=1&lh=48&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1166%3A1166%3A1651%3A1182&as=1&ag=1287&an=1287&gi=1&gf=1287&gg=1287&ix=1287&ic=1287&ez=1&ck=1287&kw=936&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1287&bx=1287&ci=1287&jz=936&dj=1&aa=1&ad=1171&cn=1171&gn=1&gk=1171&gl=1171&ik=1171&co=1171&cp=936&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=936&cd=936&ah=936&am=936&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=128442%3A54997337%3A70640996%3Aundefined&bo=urdupoint.com&bd=urdupoint.com&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=124842716&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196859&na=1538687876&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:48 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 7A8C 28 B
394 B 105ms
67ms XHR
application/xml 18.196.18.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=22650&site_id=340306&zone_id=1793210&size_id=203&tg_c.language=eng&p_window.depth=0&rf=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=400&p_aso.video.ext.ad.h=224&width=400&height=224&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7164960840188450&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.18.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-18-182.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
server: nginx/1.16.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.urdupoint.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 96ms
95ms Image
image/gif 52.203.104.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=923387&asId=8fd422cc-dc51-b943-67ba-37e38904e2b8&tv=%7Bc:3FtcLc,pingTime:1,time:1419,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:500,t:280%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1419,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:280,wc:0.0.1600.1200,ac:1360.0.120.500,am:sp,cc:0.0.1600.1200,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1157~100%5D,as:%5B1157~120.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:101,fm:sWT5Par+1*.923387-59920991%7C11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C173%7C174%7C18%7C191%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.104.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-104-151.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 97ms
97ms Image
image/gif 52.203.104.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=923387&asId=8fd422cc-dc51-b943-67ba-37e38904e2b8&tv=%7Bc:3FtcLd,pingTime:1,time:1420,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:500,t:280%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1420,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:280,wc:0.0.1600.1200,ac:1360.0.120.500,am:sp,cc:0.0.1600.1200,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1158~100%5D,as:%5B1158~120.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:101,fm:sWT5Par+1*.923387-59920991%7C11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C173%7C174%7C18%7C191%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.104.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-104-151.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:48 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 5B8B 154 KB
36 KB 29ms
28ms Script
text/javascript 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=160046&siteId=769468&adId=3310873&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=224&vw=400&placement=3&vtype=0&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Requested by: Host: player.urdupoint.com
URL: https://player.urdupoint.com/player/urdupoint.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ce083536384cb4f54dcf9282db820a5d7efc360517e17812c2302b4f6b1d229b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:49 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 04:40:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-2660e-5d77a51598671"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36683

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 30ms
29ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644356386871.754&type=OPPORTUNITY&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=2Q0W93kixUD9OJmDV2xD01UMKSby6qFOvkNjKo_jrWWophnvE2iV&vtId=wMz-M8jcvuEQDRzmxdPj_w38Qz8zBdvjpfky8TmmRi8d2hPXDOID&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=2794&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Avast%3Bt%3Abidding%3B&r=0.014121118279103007
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:49 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame D89A 35 B
170 B 30ms
29ms Image
image/gif 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1644356386871.754&type=OPPORTUNITY&placementId=WmOWAop7JnuIh0Of0r6vTguNhlpjlAHvzcbOnNgNMmeDP_JvBX2c&tagId=kJQcAHA-e0Hy0tv4jsMpHxr-tZCUH1vFKn4Yo3rPZoXovtZBGErD&vtId=9Gvi0STU-TOSyPhsmBj4IT55ZwuUGaOCnsaX4aaeX--snJiYzJhq&message=&u=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&t=2795&v=102.1&w=6LKjYKmtxpXkh8IYHG2Tr7WZWBdNWQmsKT78juDTgyVRH5b5Oujj&width=400&z=p%3Apl%3Bv%3AinPage%3Bc%3Avast%3Bt%3Aurl%3B&r=0.37018552380411207
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.urdupoint.com/
Origin: https://www.urdupoint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.urdupoint.com
date: Tue, 08 Feb 2022 21:39:49 GMT
srvf: 95.217.58.251
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 345F 38 KB
14 KB 29ms
22ms Document
text/html 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=160046&siteId=769468&adId=3310873&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=224&vw=400&placement=3&vtype=0&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/

Response headers

last-modified: Tue, 11 Jan 2022 05:13:08 GMT
etag: "1302647-9687-5d547824a78f1"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13928
content-type: text/html; charset=UTF-8
cache-control: public, max-age=26463
expires: Wed, 09 Feb 2022 05:00:52 GMT
date: Tue, 08 Feb 2022 21:39:49 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5B8B 38 KB
14 KB 34ms
25ms Script
text/html 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=160046&siteId=769468&adId=3310873&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=224&vw=400&placement=3&vtype=0&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 05:13:08 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-9687-5d547824a78f1"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=26463
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13928
expires: Wed, 09 Feb 2022 05:00:52 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 345F 2 KB
3 KB 468ms
155ms Script
text/html 104.36.113.23
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25761627&p=160046&s=769468&a=3310873&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1e39276a63bea7aec5ebd9d06c69ee776e35bc707020b1c90a4f5c8451b9c25f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:48 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 5B8B 27 B
466 B 268ms
210ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=160046&siteId=769468&adId=3310873&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=224&vw=400&placement=3&vtype=0&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&cb=1644356389568&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.urdupoint.com%252Fen%252Fworld%252Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&screenResolution=1600x1200&kdntuid=1&vwndh=224&vwndw=400&vwndurl=https%253A%252F%252Fwww.urdupoint.com%252Fen%252Fworld%252Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-2-8%2021:39:50&ranreq=0.2597050517652957&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=160046&siteId=769468&adId=3310873&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=224&vw=400&placement=3&vtype=0&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.urdupoint.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg
content-type: application/xml; charset=utf-8

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 0F7C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=87DD1491-ABE6-4798-A854-3F0A426431A2
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87DD1491-ABE6-4798-A854-3F0A426431A2

35 B
467 B

19ms
19ms

Document
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87DD1491-ABE6-4798-A854-3F0A426431A2

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 08 Feb 2022 21:39:50 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 08 Feb 2022 21:39:50 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87DD1491-ABE6-4798-A854-3F0A426431A2
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AC76
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgLjJgAEvkoDhQBB&gdpr=0&gdpr_consent=&_test=YgLjJgAEvkoDhQBB

1 B
256 B

37ms
21ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgLjJgAEvkoDhQBB&gdpr=0&gdpr_consent=&_test=YgLjJgAEvkoDhQBB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 08 Feb 2022 21:39:49 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug004:0:390
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgLjJgAEvkoDhQBB&gdpr=0&gdpr_consent=&_test=YgLjJgAEvkoDhQBB
accept-ranges: bytes
date: Tue, 08 Feb 2022 21:39:50 GMT
via: 1.1 varnish
x-served-by: cache-hhn4081-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1644356390.218096,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2F10
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:df806202-e325-4500-98f2-36623b35d605&gdpr=0&gdpr_consent=

42 B
652 B

82ms
21ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:df806202-e325-4500-98f2-36623b35d605&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 08 Feb 2022 21:39:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug019:0:413
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Tue, 08 Feb 2022 21:39:50 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:df806202-e325-4500-98f2-36623b35d605&gdpr=0&gdpr_consent=
Expires: Tue, 08 Feb 2022 21:39:49 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 345F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h90UkavmR5ioVD8KQmQxog%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

23ms
23ms

Image
text/html

92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 92.122.252.114 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=138141
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Thu, 10 Feb 2022 12:02:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame 345F 0
66 B 46ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=87DD1491-ABE6-4798-A854-3F0A426431A2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

502

SPug
image4.pubmatic.com/AdServer/ Frame 345F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32466202-e325-4800-8e3a-452caf776057

0
0

44ms
18ms

Image
text/html

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32466202-e325-4800-8e3a-452caf776057
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Tue, 08 Feb 2022 21:39:50 GMT
Server: MT3 4133 baa842e master zrh-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32466202-e325-4800-8e3a-452caf776057
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 08 Feb 2022 21:39:49 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 345F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODdERDE0OTEtQUJFNi00Nzk4LUE4NTQtM0YwQTQyNjQzMUEy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
342 B

476ms
158ms

Image
image/gif

204.237.133.120
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 204.237.133.120 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
cache-control: no-store, no-cache, private
x-lat: sv3pug013:0:478
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 345F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDLAb_j81b9kP2JfdvYL_Wc&google_cver=1

42 B
276 B

477ms
159ms

Image
image/gif

204.237.133.120
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDLAb_j81b9kP2JfdvYL_Wc&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 204.237.133.120 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
cache-control: no-store, no-cache, private
x-lat: 10:0:503
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDLAb_j81b9kP2JfdvYL_Wc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 345F 43 B
612 B 65ms
13ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 07 Feb 2022 21:39:50 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 345F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f891d5bf-189a-449b-b6c9-dac523126475

42 B
295 B

25ms
22ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f891d5bf-189a-449b-b6c9-dac523126475
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:49 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:2113
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f891d5bf-189a-449b-b6c9-dac523126475
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 345F
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2883581542429217098&gdpr=0&gdpr_consent=&us_privacy=

1 B
324 B

61ms
22ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2883581542429217098&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:453
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2883581542429217098&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 08 Feb 2022 21:39:49 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 87DD1491-ABE6-4798-A854-3F0A426431A2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 345F 43 B
989 B 117ms
37ms Image
image/gif 2a05:d018:d29:3602:e939:2a3d:aa5a:940c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/87DD1491-ABE6-4798-A854-3F0A426431A2?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:e939:2a3d:aa5a:940c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 345F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=87DD1491-ABE6-4798-A854-3F0A426431A2&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=87DD1491-ABE6-4798-A854-3F0A426431A2&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4LQv0x1E2uVg92kgkCuyFV3ivWibqT0-~A&gdpr=0&gdpr_consent=

0
252 B

73ms
18ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4LQv0x1E2uVg92kgkCuyFV3ivWibqT0-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4LQv0x1E2uVg92kgkCuyFV3ivWibqT0-~A&gdpr=0&gdpr_consent=
date: Tue, 08 Feb 2022 21:39:50 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 345F
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1868067680547776839&gdpr=0&gdpr_consent=

42 B
314 B

464ms
159ms

Image
image/gif

204.237.133.120
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1868067680547776839&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 204.237.133.120 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
cache-control: no-store, no-cache, private
x-lat: sv3pug009:0:537
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 08 Feb 2022 21:39:50 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3dacfeeb-6f03-42da-bc50-678417783629
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1868067680547776839&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 5B8B 0
61 B 63ms
12ms Image
text/html 23.209.68.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=160046&s=769468&a=3310873&ts=1644356390&wa=0&vadsId=-1&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.68.245 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-68-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
content-length: 0
content-type: text/html

GET
H2 200 track
aktrack.pubmatic.com/ Frame D89A 0
61 B 64ms
14ms Image
text/html 23.209.68.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=160046&s=769468&a=3310873&ts=1644356387&wa=0&e=96&ier=900&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.68.245 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-68-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 21:39:50 GMT
content-length: 0
content-type: text/html

GET
H2 200 index.html Show response
cdn.inskinad.com/redirect/ Frame 57B4 900 B
638 B 8ms
8ms Document
text/html 104.94.242.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fmfad.inskinad.com%2Fe.gif%3Fe%3DeyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6MjA0fQ%26s%3DYfJpmWnSqwB5lYrnBETdRDAqwag&tracker=true
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/lib1643031061973.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.94.242.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-242-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/CreativeStore/ps/2022-01/61e9412d4b4f522cb319ce53_1/top.html?xdm_e=https%3A%2F%2Fwww.urdupoint.com&xdm_c=default1799&xdm_p=1

Response headers

accept-ranges: bytes
content-type: text/html
etag: "be5f029aae431ed80ad45333a334787f:1481726617"
last-modified: Wed, 14 Dec 2016 14:43:37 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=25060
date: Tue, 08 Feb 2022 21:39:51 GMT
content-length: 446
access-control-allow-origin: *

POST
H2 204 rec Show response
t.inskinad.com/ Frame 5FAE 0
37 B 16ms
16ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:51 GMT
via: 1.1 google

POST
H2 204 rec Show response
t.inskinad.com/ 0
37 B 17ms
17ms XHR
text/plain 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.inskinad.com/rec
Requested by: Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.urdupoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:51 GMT
via: 1.1 google

GET
H2 200 e.gif
mfad.inskinad.com/ Frame 57B4 43 B
499 B 103ms
102ms Image
image/gif 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mfad.inskinad.com/e.gif?e=eyJ2IjoiMS4xMCIsImF2IjoxOTA2MDUyLCJhdCI6MjE2MywiYnQiOjAsImNtIjo1NDk5NzMzNywiY2giOjIzOTYyLCJjayI6e30sImNyIjo3MDY0MDk5NiwiZGkiOiJlNmM1NDVhNDhjNzY0MDA2YjQ3NjlhZGJjYWUyYjFlOSIsImRqIjoxLCJpaSI6Ijk2MDYwYjRiYWExNjQ1ZDY4YTMxYzJjN2UxNTU0MjQ4IiwiZG0iOjMsImZjIjoxMzI4ODQyOTEsImZsIjoxMjQ4NDI3MTYsImlwIjoiMTM4LjE5OS4zOC4xMzMiLCJudyI6OTg3NCwicGMiOjIyLjk2LCJvcCI6MjIuOTYsImRwIjoyMS42NTQzLCJkbiI6MjEuNjU0MywiZGciOjIxLjY1NDMsImVjIjoyMi45NiwiZ20iOjAsImVwIjpudWxsLCJycCI6MjgsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6InVuZGVmaW5lZCIsInNiIjoiaS0wMGU5M2M2N2Y0ODAyMWQwYyIsInNwIjoxMjc5MzMyLCJzdCI6MTAxMzU3NCwidWsiOiJ1ZTEtOGEyZWQ2ZGZmMGVmNDg4YTg4NTRkODBiMzNkZDA2NWYiLCJ0cyI6MTY0NDM1NjM4NTk3MSwiYmYiOnRydWUsInBuIjoiYWQiLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsImd2IjoxNTAsImdSIjp0cnVlLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6MjA0fQ&s=YfJpmWnSqwB5lYrnBETdRDAqwag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.inskinad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:51 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1a-i-046fad035a7d4b5b1

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zkW3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-TA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=500&w=120&fy=1360&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&id=1&ii=4&f=0&j=&t=1644356387317&de=745044052508&cu=1644356387317&m=5142&ar=944fd8091a1-clean&iw=3b2b3d1&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3549&le=1&lf=185&lg=1&lh=48&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1166%3A1166%3A1651%3A1182&as=1&ag=5105&an=1287&gi=1&gf=5105&gg=1287&ix=5105&ic=5105&ez=1&ck=1287&kw=936&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5105&bx=1287&ci=1287&jz=936&dj=1&aa=1&ad=4989&cn=1171&gn=1&gk=4989&gl=1171&ik=4989&co=1171&cp=936&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4927&cd=936&ah=4927&am=936&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=128442%3A54997337%3A70640996%3Aundefined&bo=urdupoint.com&bd=urdupoint.com&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=124842716&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jk=6&jm=-1&tc=0&fs=196859&na=2129052327&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Feb 2022 21:39:52 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 104ms
103ms Image
image/gif 52.203.104.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=923387&asId=8fd422cc-dc51-b943-67ba-37e38904e2b8&tv=%7Bc:3FtdNI,pingTime:5,time:5419,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:500,t:280%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:5419,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:280,wc:0.0.1600.1200,ac:1360.0.120.500,am:sp,cc:0.0.1600.1200,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5157~100%5D,as:%5B5157~120.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:99,fm:sWT5Par+1*.923387-59920991%7C11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C173%7C174%7C18%7C191%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.104.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-104-151.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:52 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 96ms
96ms Image
image/gif 52.203.104.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=923387&asId=8fd422cc-dc51-b943-67ba-37e38904e2b8&tv=%7Bc:3FtdNI,pingTime:5,time:5420,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:500,t:280%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:5420,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:280,wc:0.0.1600.1200,ac:1360.0.120.500,am:sp,cc:0.0.1600.1200,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5158~100%5D,as:%5B5158~120.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:99,fm:sWT5Par+1*.923387-59920991%7C11%7C12%7C13%7C141%7C15%7C16%7C171%7C172%7C173%7C174%7C18%7C191%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.104.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-104-151.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.urdupoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 21:39:52 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 all
csm.eu.criteo.net/ Frame 7E80 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:53 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame DD74 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Feb 2022 21:39:53 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 05:05:08	Name: _bit Value: m18lDH-35d261bb163e34fc0f-00Y
.urdupoint.com/	1970-01-20 00:45:58	Name: __asc Value: f3066e4217edb4735d34be2d98b
.urdupoint.com/	1970-01-20 09:32:58	Name: __auc Value: f3066e4217edb4735d34be2d98b
.rubiconproject.com/	1970-01-20 09:31:32	Name: khaos Value: KZENC2H8-11-8LO4
.rubiconproject.com/	1970-01-20 09:31:32	Name: audit Value: 1\|naVuGyos1qpoexE0ApDMYnjc0/aJelRdbjRFtGIHH0t2wHsFnqwQFG4jB+aCjJ9amaJYrp4DDmZYMsblxkucnOBxGCOXoSK1TJf5c05TkeHc6UO785F0Pw==
.urdupoint.com/	1970-01-20 18:17:08	Name: _ga Value: GA1.2.1944566919.1644356385
.urdupoint.com/	1970-01-20 00:47:22	Name: _gid Value: GA1.2.2100804009.1644356385
.urdupoint.com/	1970-01-20 00:45:56	Name: _gat_gtag_UA_307140_1 Value: 1
.doubleclick.net/	1970-01-20 10:07:32	Name: IDE Value: AHWqTUnPLT1GFIVK0GeUi8UUYgXJ7AqXQiXhTHviuOZj-eILRs0ppX77KDirF4LkV8Y
.scorecardresearch.com/	1970-01-20 18:02:44	Name: UID Value: 1219ac989ed654c4e2a7f671644356385
.urdupoint.com/	1970-01-20 10:07:32	Name: __gads Value: ID=b89d561ba5ff26d0-226967df38cd000d:T=1644356385:S=ALNI_MbRYLf-ZrZnO6bGhdSNHCxS011iww
.casalemedia.com/	1970-01-20 02:55:32	Name: CMPS Value: 3240
.adnxs.com/	1970-01-20 02:55:32	Name: uuid2 Value: 1868067680547776839
.casalemedia.com/	1970-01-20 09:31:32	Name: CMID Value: YgLjIjzyOZ4dIQ6nWpMPQQAA
.casalemedia.com/	1970-01-20 02:55:32	Name: CMPRO Value: 1137
.casalemedia.com/	1970-01-20 00:47:22	Name: CMST Value: YgLjImIC4yIA
.casalemedia.com/	1970-01-20 09:31:32	Name: CMRUM3 Value: 2d6202e3222760CAESENJ2cT_VQmDlyUJBRQtG4Qs
.redintelligence.net/	1970-01-20 02:55:32	Name: 8lcfmzhxc8d6_uid Value: 38b3b0c8251a00c5
.adnxs.com/	1970-01-20 02:55:32	Name: anj Value: dTM7k!M4.FCxrEQF']wIg2E>vFHQ_R!EKw)0I]]:>//ECId2BWai$i]Z/v>+Ym9N2#=o-7Kug]gW-(wRZ`K'>jnjV^Nl$]kNya!tNhTpiudZRc
.criteo.com/	1970-01-20 10:07:32	Name: uid Value: a95f8f56-6fbf-4922-8910-04e2bce40043
.insightexpressai.com/	1970-01-20 07:54:51	Name: TID Value: 00000000-0000-003d-ee33-191644356386
.insightexpressai.com/	1970-01-20 18:16:33	Name: IXAI58184 Value: FTF
.insightexpressai.com/	1970-01-20 07:54:51	Name: DW_Time Value: 1644356386
.insightexpressai.com/	1970-01-20 07:54:51	Name: DW Value: 00000000-0000-003d-ee33-191644356386
.openx.net/	1970-01-20 09:31:32	Name: i Value: 7d608405-8eca-0c35-050c-f4862a046bf7\|1644356386
.urdupoint.com/	1970-01-20 10:07:32	Name: cto_bundle Value: S7ANEl90eFBHZ0ZEekNuaGNwR3RGYndDTE5LRFRMM1pWb05DZ3RtVXBubjJCVTZvOWI3QkJ2aTBEWHcxNTB6RlVYRGcyT1FRcDV4RGxTN29zaVB0VXRzYjZka1pTeDdhZSUyRjlBcmNEdmo0JTJGMGVtRllabWhzR2dWandxcEc4a0dncko1V1hPYmtUS0J1Ump1QjR6aE1iWDlObHl3JTNEJTNE
.openx.net/	1970-01-20 01:07:32	Name: pd Value: v2\|1644356387\|gu
.office-partner.de/	1970-01-21 00:45:56	Name: source Value: {"webgains_webgains":{"timestamp":1644356387463,"clickCookie":false}}
.adtelligent.com/	1970-01-20 02:15:13	Name: vmuid Value: 0a34f6dd8a604c00
.adtelligent.com/	1970-01-20 02:15:13	Name: a297253 Value: 1868067680547776839
.pubmatic.com/	1970-01-20 02:55:32	Name: KADUSERCOOKIE Value: 87DD1491-ABE6-4798-A854-3F0A426431A2
.pubmatic.com/	1970-01-20 02:55:32	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 02:55:32	Name: DPSync3 Value: 1645488000%3A197_201%7C1644883200%3A164%7C1644364800%3A174
.pubmatic.com/	1970-01-20 02:55:32	Name: SyncRTB3 Value: 1645488000%3A21_71_3_22_7_220_13_54%7C1644883200%3A223_2
.analytics.yahoo.com/	1970-01-20 09:32:58	Name: IDSYNC Value: 18z8~234l
.simpli.fi/	1970-01-20 09:32:58	Name: suid Value: AAA9D9CEC9F84978826903CB7D9C031E
.adform.net/	1970-01-20 01:26:15	Name: C Value: 1
.mathtag.com/	1970-01-20 10:11:51	Name: uuid Value: 32466202-e325-4800-8e3a-452caf776057
.adform.net/	1970-01-20 02:12:20	Name: uid Value: 8077065840904400974
.turn.com/	1970-01-20 05:05:08	Name: uid Value: 2883581542429217098
.adsrvr.org/	1970-01-20 09:31:32	Name: TDID Value: f891d5bf-189a-449b-b6c9-dac523126475
.everesttech.net/	1970-01-20 09:31:32	Name: everest_g_v2 Value: g_surferid~YgLjJgAEvkoDhQBB
.yahoo.com/	1970-01-20 09:31:53	Name: A3 Value: d=AQABBCbjAmICELyyNEUC4i__WL2KrfmwldMFEgEBAQE0BGIMYgAAAAAA_eMAAA&S=AQAAAgIHX95_iNf36fuelpFbJeM
.pubmatic.com/	1970-01-20 01:29:08	Name: SPugT Value: 1644356389
.adsrvr.org/	1970-01-20 09:31:32	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwi06Z6UstW1OhAFGAUgASgCMgsIsqT_wMjVtToQBTgB
.pubmatic.com/	1970-01-20 01:29:08	Name: KRTBCOOKIE_27 Value: 16735-uid:df806202-e325-4500-98f2-36623b35d605&KRTB&16736-uid:df806202-e325-4500-98f2-36623b35d605&KRTB&23019-uid:df806202-e325-4500-98f2-36623b35d605&KRTB&23208-uid:df806202-e325-4500-98f2-36623b35d605
.pubmatic.com/	1970-01-20 01:29:08	Name: KRTBCOOKIE_218 Value: 4056-YgLjJgAEvkoDhQBB&KRTB&22978-YgLjJgAEvkoDhQBB&KRTB&23194-YgLjJgAEvkoDhQBB&KRTB&23209-YgLjJgAEvkoDhQBB
.pubmatic.com/	1970-01-20 01:29:08	Name: KRTBCOOKIE_22 Value: 14911-2883581542429217098
.pubmatic.com/	1970-01-20 01:29:08	Name: KRTBCOOKIE_377 Value: 6810-f891d5bf-189a-449b-b6c9-dac523126475&KRTB&22918-f891d5bf-189a-449b-b6c9-dac523126475&KRTB&23031-f891d5bf-189a-449b-b6c9-dac523126475
.pubmatic.com/	1970-01-20 02:55:32	Name: pp Value: 160046
.pubmatic.com/	1970-01-20 02:55:32	Name: PUBMDCID Value: 1
.pubmatic.com/	1970-01-20 01:29:08	Name: KRTBCOOKIE_57 Value: 22776-1868067680547776839&KRTB&23339-1868067680547776839
.pubmatic.com/	1970-01-20 01:29:08	Name: PugT Value: 1644356390
.pubmatic.com/	1970-01-20 01:29:08	Name: KRTBCOOKIE_80 Value: 22987-CAESEDLAb_j81b9kP2JfdvYL_Wc&KRTB&16514-CAESEDLAb_j81b9kP2JfdvYL_Wc&KRTB&23025-CAESEDLAb_j81b9kP2JfdvYL_Wc

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://www.urdupoint.com/en/world/putin-biden-agree-state-of-russian-us-cooper-1421033.html Message: Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://urdupoint-d.openx.net/v/1.0/av?auid=542286118&url=https%3A%2F%2Fwww.urdupoint.com%2Fen%2Fworld%2Fputin-biden-agree-state-of-russian-us-cooper-1421033.html&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cb=0.6415316643982265&vht=224&vwd=400&ip=138.199.38.133&lmt=$$DNT$$&gdpr=0&gdpr_consent=') from origin 'https://www.urdupoint.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://idsync.rlcdn.com/420486.gif?partner_uid=87DD1491-ABE6-4798-A854-3F0A426431A2 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32466202-e325-4800-8e3a-452caf776057 Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

111777ad9e5190a3d75d6733963ccc35.safeframe.googlesyndication.com
a.teads.tv
ad.doubleclick.net
ad.turn.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
aktrack.pubmatic.com
analytics.webgains.io
api.webgains.io
as-sec.casalemedia.com
bidder.criteo.com
bit.ly
c.amazon-adsystem.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.adnxs-simple.com
cdn.ampproject.org
cdn.inskinad.com
cdn.jsdelivr.net
cdn.lamp.avct.cloud
cdn.mfad.inskinad.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90001.redintelligence.net
hb.emxdgt.com
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
inskinmedia689754970364.s.moatpixel.com
match.adsrvr.org
mb.moatads.com
mfad.inskinad.com
mug.criteo.com
nym1-ib.adnxs-simple.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
photo-cdn.urdupoint.com
pix.eu.criteo.net
pixel.adsafeprotected.com
player.urdupoint.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
px.moatads.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.nl.eu.criteo.com
rtb.openx.net
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.insightexpressai.com
securepubads.g.doubleclick.net
serving.stat-rock.com
simage2.pubmatic.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.mathtag.com
t.illuma-tech.com
t.inskinad.com
t.teads.tv
t.trafmag.com
tlx.3lift.com
tpc.googlesyndication.com
track.webgains.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
urdupoint-d.openx.net
vid.pubmatic.com
video-ads.rubiconproject.com
video.inskinad.com
vpaid.pubmatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.urdupoint.com
z.moatads.com
cm.g.doubleclick.net
104.36.113.23
104.94.242.154
108.157.4.80
138.201.220.30
142.250.184.226
142.250.185.166
142.250.185.66
143.204.95.188
143.204.98.17
143.204.98.5
143.204.98.72
143.204.98.84
144.76.128.227
151.101.2.49
169.50.137.184
172.67.68.78
178.250.0.139
178.250.0.157
178.250.0.160
178.250.0.165
178.250.2.150
18.135.139.107
18.135.229.166
18.156.0.31
18.196.18.182
185.29.132.245
185.33.220.145
185.33.221.87
185.64.189.110
185.64.190.75
185.64.190.81
193.200.65.5
2.20.164.14
2001:678:cb4:bbbb::11
204.237.133.120
23.209.68.245
23.209.68.8
23.37.38.181
2600:1f16:bc:1201:ba55:a298:fa7e:df1f
2600:9000:2156:2a00:17:8296:f1c0:93a1
2600:9000:2156:4400:8:48e:53c0:93a1
2602:803:c003:200::31
2606:4700:20::681a:8a9
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6810:5f41
2a00:1450:4001:800::2006
2a00:1450:4001:801::2001
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2013
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a02:2638::1c
2a02:26f0:12d:5ac::1ec4
2a02:26f0:f7:197::26e5
2a05:d018:d29:3602:e939:2a3d:aa5a:940c
2a0b:4d07:101::1
2a0c:5c81:5142::2
3.214.202.18
34.242.207.34
34.248.224.58
35.156.230.193
35.186.253.211
35.244.159.8
35.244.174.68
37.157.3.30
46.236.13.147
46.4.10.49
52.203.104.151
52.223.40.198
52.29.60.125
52.50.160.17
62.149.0.72
67.199.248.11
68.67.179.135
92.122.252.114
92.122.253.36
92.122.254.129
92.122.254.4
92.122.255.233
95.217.58.251
0124f255bcfb3c92cf9ffb74b145b83e27821f8a9dc39008224858bd5d019e69
0494c186cc63fff32e82a4a91eceee908acd7ce5ec7b0ec2f19e613b5cb5d767
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
090dbba0b9af117640d424eccbf3fcaf3cee51f16dfe2fe1b630801284194c67
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ed308d8fc21b8c0143ccba201bb61b6cf3d16d765b5bd01eb6c7e5826c23576
0fad26f2753c5c0612ab62a0e09024d5c267ed229bd679db4c9d63c79d5a8e07
10a773e4fd0d757ed34cd27d442ea2cacd361ddc10b814e84c4c9d4466139477
1114322830a99dd819fe176610e785bd29791a754d08cfa792cc1b3100e968be
11bd67fae0e1a4be440fcce2b70cdbca1c98dfc6b8df10936d94523630992b11
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
16133c0daae66bb7829e8ef8b9095b58106261f298e7aa367df09ff05e60d1aa
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1abe7fbb028cc84f7b5374497875436a3d646eaf988f5e1cd62f63bdf4772605
1bafcaf8729ad79c8fad5b0850e3bf90fa5bacf70385042659004a68276ac487
1bb81774370c658a1ab9f1d3229d25cefe24fe07caa3d763cec7f7d121503f3a
1c81839dc84d8743c374e31ba72001a2dbcfaf99b87d7fcc2a079497159e6db4
1ddf54555ab2c83e5e5df79154ea339ba83672c93eaff5e2ac4d00b8dd058336
1e0f54c513780714962137c641f4c1021a3115f8019b64925fe877d99006a971
1e39276a63bea7aec5ebd9d06c69ee776e35bc707020b1c90a4f5c8451b9c25f
201a13b62ff5bb978ec95729de4b543d90abb1b170abb4eb959031d5704dc330
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2343b4803ee1d1f48388c3d6c8cdef83cdf2cba919b92f190b4acd1ea48f0fc6
2625eaf1c9094068eb1d5d0960ff955643bc5c30fbfdc43496bfbf732e1507b3
29c46aad13f12a8e2e825e90125bb9da573ee40bcbe8df6c6012f7716c472899
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2de7d502d6a14d64bca867af7ad23e7cb6fcf20560ec9e05f5499237753c2a16
2f09c528b139f219b8de997ea6067be2566ecba06dac254d6e31dbfdf25fa426
316a623e753d4cdbb7d7744ed8720f923e9c591a85822011cb9016285fa5be59
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34befe8734b635caf13963620b030761e5c372e064b0a76a4173d68f390b7e05
350c267c41d95f4bf8a29ec1e7e4db6ec3b59718a53b6c2f1c38aa72ad389064
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38169b6318a08654cac4149d9acc72d6726a6a5e55509810fad19da8423db6e2
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
389659b9fc558a5f9be2b7624d176d6df0c0b62d005a8200bbf565271f88842c
3a862562754d28e9573a23872501c44ab8f5d1f798796e0c244d29ab92f02933
3c008a1f0ae2386fc78952d905e7e818bc85a84bcbdf89ab9a528e705530163b
3de57da630ced7a05914d59ab534c51dbe0115e51329fd9710c491706e6b1950
4140185024faab0c3351923fe7b2da5001f7554ce5103fde7a7c54d365012a81
41b4822cba86a03bfb7f94dcdb9e13f66d7ceb7e9d7fe5d7f35915ae89ba76a0
43f13c8c428fc3566777612f36302000df9c5eeb9bafc6c8b9d57f66d76dacbf
441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711
44388858009cfb0ba580feb459ed8e6d67ea03796ee617fd0e2a8d3c6456f034
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ac585a7d8ea88cbd98a185bf1792940690bf230f4f00e2205fcd9ba5578d0c
4a08ace2d5330f88a46e55ea98a6d4d801136f2dd35063819a64e8a875f65cff
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf8f0be6b9b4a9cd029f0c30a651690ea007ad1b44745e7a5b2d6904ffa5372
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503c618f7676dd96283ba3c284d3dfa15cd4cd27bee43bd4508481147ac3994e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513140a723846aa57aff6195f00e513042eed348c059805ad41acc8041eeabaa
523ed7b890756945231453aa512ab830513f89eb3947780091b7bad01b3803ac
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54a153923bfe25e7c0c8dce6d594f502e7861c52e239b731ad04a937da40da2f
54c49f8d5fd70018820c7ff2c7a80e10631a835b9e8a4f2c9046bfe173e644fd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e2135af01797f51de12fe98ac6332dd222a58364235aa0e583d9bb56e64fe4
59da3d2ad9aa7d940a1c6033d47a4203c494aff0c69c74bb53f59538a09b3099
5aa49bce883123ecfa0b34ebf395b38ef8cf7ab8844bcd762fe2d887d05c4720
5b241fa53e03b0d4457a489dd31d8a9ef5270a622074f8380d4efabfe530fc17
5b4a683d307e10da0665a77bcfce1357c9557795fbe0fc3078dacf0223651ecd
5b78540e928cd3df3264bf4a5c03e3f1031ab74596c794bf8a980c305f252dcb
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
603af7d188ad48ad8e9ac1418da07fdbde77db428a333a6558f61b5e3992d953
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
656fb640ff915cd53da0543a28352288bb5c94b6da8005ad2c5ab27bd20d8ea4
65e922cfc69467b7c0b7832e9e4249b4fd8198c870c7cbd4442fbafef764d78d
679ea5a4c46ca49574a63bcda942903fb4f400b2239a4f46b4f69925e82df393
686a7e178017cdd6274b65ae4baa16f399ae62db93d804e07e435599b1c42933
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6707abac284dbd94ceb66111e9cff7e80ef0369d4847f45c12842182245510
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd241b5df9e4f96f7a07dc5212643afba1c3ed4fb38606b9503fc1e2a016664
6c48357ee9b284abcd0de98bae4f5997cdf57435f78b3945e8e7cda409c5fb03
6d4b458aa1f892c514e1f39e6fd68c32cced29107f96c0275caeccc0ee72f144
6daa4db0e81c38ce3cd9efb50c7692175c06f4f2c335c538a63ade407ebded29
6e7a37038388f606333739f5d2482651dbec91688a54e6cd55c381a99c7c4d5d
70889e26dd24c5dcc34a98561f1d14bc5060fbbe6130589289cbdc5a9a3a31c3
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
72f31c523cf1a36dce8fbaf6701e062d65222df0f0736d3d8a47c231b95b5fe6
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7587ae342ea6ed02d05f3d27ce6227be22ce2c2d124818028701fcbc70176cf9
7789d4994da7ca572d4e892c1531b14b73f912a9acb44e0df142e6bc1527db1f
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a
7c1ffabab445f06d02e23cb15f57763cb298d8169ae654a5d76db23c607bc905
7d35412230df84d445ffa85b8df8ee6efb70e34520f995379c06a4d337a04f06
7d91076c13fda13c5c0c10ca7d6ea2f1cd1156cf9a2b8ce3b70ea103a6cc4d13
7e27eb70649971913be9c3c0f28441677518e92433120e1b28a85daabdc383de
7fbf4b5e7b2663460bdb3a9b7b97fc87aaf3d4c7ce0f786e6762744e2dfb5499
804ed6bd1b982ce770196f370d35dba1022015d868613c41de5593af7c51b94e
82b09807856832a612a1cd8f14937acf467fed226eea813f7ac4fc212e75bd6c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83482a1db943014304d7a9734fa8639069e152a5b378867654650b8a0a9d2a4b
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
895367f03db7ad24fbfe47a16c86a9f9283e89d190a4b50a2891459c2d56c1d1
8994fd136b81b37275d59b868c7b1e167c2a8d296a151210eb572cd3cadbcdfd
89c8348c21d8d2004dc450c8a76d223a3554cbfa4e1be659722d056cf94d75b0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aabf80549012559b7c52e0b26adccccd8c47fc62ed148dac912078ba9cd5be2
8ae104e978ce1199491a3aa09a96a5d67f93acda03b609d703a814d8dc9810a0
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8c49fe0bac584ca240fc17c57e3f533fa6153ccb5745887c1350d6de10fe5a7a
8cbc0db8eb2b1b5ed89444964300b413c4c9bd1a01cd51bb04a2c44b6bf77639
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ded692abc5a6b47dde32e2beac408b364d9340ea3d0707db79d4b9acb1da459
8e9ff42df1e5ca663a24a7002d7a6ef933168e9bbd8c2f3642f7648b1d695b12
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
900d8d8fa420cbf77fcbd6300a9545e0118ea8a1b64677892ca65c1fc626e10b
9110c998143339ef68f7bfb147a71ea72cb23dde25fdfc7965a2c1bef5b29bfa
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
928ba0931c67bf5b7f0d9bae946d2d0e5c643eb528e2384847e8875f7de3362b
92d140724a3ae3abdf661f48ad7a6d05a0cacc1a557ef8264bfb16c742d741d3
94229996bcb9ea3bfc091efb91ed6b539166a5588413a0b66a595124e3dda14f
94ae7beaa4f1fee8dfea623b7805d7140625bfc59afbce51035293257b8b2c16
955d3643ea9f78c9ea06601f5248b2132c92cda7a1166361f65948b95ac23fb7
9a5136d1bfad5f3fcdaff24912a535dc34c37844c59e00988bd2207c72fdbe43
9b27ef300382a68609c6b6a866f8f72258965f172960640e8a71c1dd4102b44d
9d5c9b354dacc235f679de0cf26058aae70b5f530633b34567d4d2291d314b26
9dcb7ac4c21d14d711ae02171e314522079d2b388622f65002f75f68983817d5
9f4ba82a4a4ca65677caa46a48aac95329a427cb9e622077e260a9c3ff3a9459
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a173e2f99269f8823f81e80d8cf158ed683e6dd37d20a72b0de7a48c5a04158b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cf7ec7045abb1a1170e392a7d2bdd3f9d94403a3f15855b01f4457c01f9c23
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a516073cee7233ff8ebc78f356f6a9755eca26443a74f73a5f68168bed59c5f1
a57d66c4f3eb01bc15b88cc35e7adc32059db5c13fbe3a582020d687c28f1593
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a9f03061f9033f9d58a46346d65f19d39b5e2ad96c38691d3cf3459c94f1337f
aa02cc5edc159cf7a13ddec604471c311456c10246afbda57935b580e88c28c0
ace8a885512a44c6b6d25dca32b74faafa298174a47cee254fbb0df131b057d1
ad022b7360fcdc88ec8c6fdb6763ed1ed1730283f2e43feb5fc3261492ec4f6a
ad494eef2fe12be093d557920c50ff5d32578194869fc325963f6e3b219b2da8
ad5a3a7e7eefe03ca9cd9d7dd2e315708d4568b25db2ab4f44f93bada9a16504
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b4fecc285a0b71b6dcf796ba2eb212d1dace638a3e44304507caf66f6dd5c93f
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b6fa224fce81d86ca034be18a4c8bfead634b2beeebf09b8c7a47495c2cffe5a
b7d6de2ad6639408c714b9a4e8dd4791854906beab0329fef2df94661e67fb14
bc7ea5b6fae135415ac8a4b61769d27796aa16d033b6bb4fa5b6b6404240f513
bcb3dafb29f12846651cee0298f7a338472923526283098e5d94d92d335bb089
bd8f0ed06b169ad2d3b538c95cd7b3dc22f8fb3cc36b05fe85a1e04173d18f8d
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167
be821ef1e8c83fe376f72c9dbbe917eb478b4ff617b38f69f73e815823b1287d
bea54f8f266fc4b380f73cff7c96a4aaef21f8c47beb8de51f37b3f2af756471
bf8ba0b970ef455aafb3de0d80471b130696ac14cc1b0c7fe426656e00a39a1f
bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c
c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27
c40a44a19df53213ec78535f5c40a322fe6625cb9590ea8d4ec39d2f898f54b0
c4c1f8329e7dde62ace7963768827dabea2232c322e13d937fa6ad2cdfcd0063
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c8a52aad4ee539d8abe8a8c36613b9324636264c0d3ed28e648fa612ddeab027
c8dbf50c8d9c5f35cb0e66aef3544e8cc34893f9125fc68a0677172523676ac8
c94b2dc513022d0afc31167049d4da5d0c3a18e772ece08a1ce68cde3e99c732
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca4e3439abe8c8a1cff83120d911425a40b60de876fa1128dc4f147c7007d718
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cc8db29e0dc2feb070390f3ef287e81a34cd68b99eb5cfed70f0fbafa44caa13
cd239f0bf23efc33ad5dba04e16905cbab120f17a6484ec2b916b6668faa2e65
cd96accdcaff5520704020c59d437723a3290aeccbed425539ddcd2925d033c0
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
ce083536384cb4f54dcf9282db820a5d7efc360517e17812c2302b4f6b1d229b
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1916f330065c0894fe52d47af002d4f81ddb8f6670ae0aef95bb3ebb8777e6a
d19bbeaa603f0f7cad0b87e9daa5cf9dc77f5248d01c4e6b72a7335b0e3c127b
d1d3ea730d2e6e702970869a8b50073055bafa67a6916dea1370fac367cb6bcc
d237c54b787a979f77424c2dd83685aebab50988d8f1123d118a341b903d29b5
d2bddf12640533fc563d3324c26896664b8738677f27b7488480a5cc08055e4e
d6604d09cecfa8255dbf5406ddc20c24bb740b06fa45bac102eedc88f5262923
d7038510d6fe60ce2ff91858446b6bd71c8231d259398ada83ba34b1c746fa07
d806ed2d1dee72c1ad65db632d63e6eac53a9c43f28010490dfd53cb76467554
d80efa05ba9ccfea943d525319f03e396544484e02ee478c70b231ce956f594d
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
dad2878fa9be3e172ba33fc64ad389b647206e5d71fca395c7079eddd2683658
dc8fe7d4cebc2244403b0e5fe43a275534919e3a4d71fd197b66a4c3f88392af
dcd85c018e4158aed76180297163acfdb5ca7454d15dafd95bfa3eedfdd78ef3
dd6e6dcb010907d4204a7bfe43d6bb9ea771a7d38182f5424c5ed27e0b57761f
dd92368aaf473b2dd2aa6f40fb7778a176018eab93b8e5b378f811e5cac68d24
dddab1cef69de46d78988ba17036d940946b2a3c89a1042479e5be99cd720ea9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df24d163a93b369e53baa3564dafb5218d40e40518d35fb0445b95fbede1f490
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
dfeba11d52310a426ca6c2048f4e146608ddd0d2d404974329ef1ff4d17966aa
e0b55e1720dd17be06fa18f7f658f0ba5072a5c7ca5f7860c45da19e347825b7
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d7cb6befbc94ef68864ea0fd38e137942b2bb646c9861684558d478407ceed
e69e7abf38c9d3fef1b1b82c9de451f5dd004e6414278be2af0b7288feb18ad2
e6b46dcf62136665c0c87d34baa87a37ff3a1138435a88af95082cb7a24be1ba
e75fa3504a7a50b4cd1fc4921a376c9cefb0f5e5fedec6411ccf3f35a2ec2841
e80d56ecb1bf6466f69023c1aeda99091de79f7e74b2dba9737c46e7ae9dc900
e892adf36677c39e52a7fa563fb0371395cfa92b0ccfdaeb21cb60d110b5b5ba
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e988099bf9b4b33a81c17328a70485f6b6643eebf69a3f5446586b0488920927
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ead6616c7622735009200ed46f529884682aa8abee0ab01fb48aa4d99b1df820
eae0597bc9cebc5af113044ad2604ee5a90e5578c4f8808f32331d2efca0650d
ecbb4aacf984a4cfa465a283e1ea03af14494bdfdac05555a68bcdcbaa71229d
ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e
edb0d200616102fff6e240aec7303a652a6f1dff2d8055b25f1ecbd579213a12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21
f087d94dd25b0ac7ecae0dcd31d26a79c6b6145a01ad414e64068894d4cd5b3e
f12c6f778dbaf0eae10c63648b5dd184ddd98669b002a0cfe3873d6a8750e5be
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f77e6c8cee7a44ad2a6a78a04e6578160f1c6a40f96ddce2845d1dc5dbd77ec9
fa03a88913c27b50a8816889750859eb28d2dd30b70d02153ceba5f7d07e68a7
fc22f40bf8f3e6bdc48dc721bd8654de93a7703f7d3bbe954e9c054e49888a90
fc4f383a86e4f46049ebed9c5e17209e2a77006304590bc80818b0ebf7c7eef6
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe2ec2b1c26f835e104c3ef4d6c2ac3d7899c23c202a340a9617159bb59f7f24

www.urdupoint.com Open in urlscan Pro 172.67.68.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

444 Requests

94 %HTTPS

36 %IPv6

54 Domains

104 Subdomains

89 IPs

11 Countries

7264 kBTransfer

15166 kBSize

54 Cookies

8 Outgoing links

Page URL History

Redirected requests

444 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.urdupoint.com Open in urlscan Pro
172.67.68.78 Public Scan

Screenshot
Live screenshot

Full Image

444
Requests

94 %
HTTPS

36 %
IPv6

54
Domains

104
Subdomains

89
IPs

11
Countries

7264 kB
Transfer

15166 kB
Size

54
Cookies

444 HTTP transactions
14 data transactions